Full Disclosure mailing list archives
UnixWare 7.1.4 UnixWare 7.1.3 UnixWare 7.1.1 : wu-ftp denial of service
From: please_reply_to_security () sco com
Date: Tue, 7 Jun 2005 17:21:38 -0700
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
______________________________________________________________________________
SCO Security Advisory
Subject: UnixWare 7.1.4 UnixWare 7.1.3 UnixWare 7.1.1 : wu-ftp denial of service
Advisory number: SCOSA-2005.28
Issue date: 2005 June 06
Cross reference: sr893935 fz532336 erg712855 CAN-2005-0256
______________________________________________________________________________
1. Problem Description
The wu_fnmatch function in wu_fnmatch.c for wu-fptd 2.6.1
and 2.6.2 allows remote attackers to cause a denial of
service (CPU exhaustion by recursion) via a glob pattern
with a large number of SCOSA-2005.28.in SCOSA-2005.28.txt
erg712855.711.pkg.Z erg712855.711.txt erg712855.713.pkg.Z
erg712855.713.txt (wildcard) characters, as demonstrated
using the dir copmmand.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the following name CAN-2005-0256 to this issue.
2. Vulnerable Supported Versions
System Binaries
----------------------------------------------------------------------
UnixWare 7.1.4 /usr/sbin/in.ftpd
UnixWare 7.1.3 /usr/sbin/in.ftpd
UnixWare 7.1.1 /usr/sbin/in.ftpd
3. Solution
The proper solution is to install the latest packages.
4. UnixWare 7.1.4
4.1 Location of Fixed Binaries
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.28
4.2 Verification
MD5 (erg712855.714.pkg.Z) = e774fb3a1e9be5ad88f961b95362e25c
md5 is available for download from
ftp://ftp.sco.com/pub/security/tools
4.3 Installing Fixed Binaries
Upgrade the affected binaries with the following sequence:
Download erg712855.713.pkg.Z to the /var/spool/pkg directory
# uncompress /var/spool/pkg/erg712855.713.pkg.Z
# pkgadd -d /var/spool/pkg/erg712855.713.pkg
5. UnixWare 7.1.3
5.1 Location of Fixed Binaries
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.28
5.2 Verification
MD5 (erg712855.713.pkg.Z) = 60aeba73dbb57e4979c36e222340cdc6
md5 is available for download from
ftp://ftp.sco.com/pub/security/tools
5.3 Installing Fixed Binaries
Upgrade the affected binaries with the following sequence:
Download erg712855.713.pkg.Z to the /var/spool/pkg directory
# uncompress /var/spool/pkg/erg712855.713.pkg.Z
# pkgadd -d /var/spool/pkg/erg712855.713.pkg
6. UnixWare 7.1.1
6.1 Location of Fixed Binaries
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.28
6.2 Verification
MD5 (erg712855.711.pkg.Z) = c7dd29c7fb98756a9c8e5fa0eff5e177
md5 is available for download from
ftp://ftp.sco.com/pub/security/tools
6.3 Installing Fixed Binaries
Upgrade the affected binaries with the following sequence:
Download erg712855.711.pkg.Z to the /var/spool/pkg directory
# uncompress /var/spool/pkg/erg712855.711.pkg.Z
# pkgadd -d /var/spool/pkg/erg712855.711.pkg
7. References
Specific references for this advisory:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0256
http://www.idefense.com/application/poi/display?id=207&type=vulnerabilities
SCO security resources:
http://www.sco.com/support/security/index.html
SCO security advisories via email
http://www.sco.com/support/forums/security.html
This security fix closes SCO incidents sr893935 fz532336
erg712855.
8. Disclaimer
SCO is not responsible for the misuse of any of the information
we provide on this website and/or through our security
advisories. Our advisories are a service to our customers
intended to promote secure installation and use of SCO
products.
9. Acknowledgments
SCO would like to thank Adam Zabrocki
______________________________________________________________________________
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (SCO/SYSV)
iD8DBQFCpM9BaqoBO7ipriERAhO2AJ40rgAsjtCuOafpHiKgV6NUOW2thACfdVG2
kexy3Sv4Za072j8BSAl21IU=
=/ee2
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- UnixWare 7.1.4 UnixWare 7.1.3 UnixWare 7.1.1 : wu-ftp denial of service please_reply_to_security (Jun 07)