Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Security Update: [CSSA-2001-SCO.7] OpenUnix, UnixWare: su buffer overflow

From: sco-security () caldera com
Date: Tue, 24 Jul 2001 15:12:00 -0700
To: bugtraq () securityfocus com security-announce () lists securityportal com announce () lists caldera com

___________________________________________________________________________

            Caldera International, Inc. Security Advisory

Subject:                OpenUnix, UnixWare: su buffer overflow
Advisory number:        CSSA-2001-SCO.7
Issue date:             2001 July 24
Cross reference:
___________________________________________________________________________



1. Problem Description
        
        Long values of the TERM variable can cause the su command to
        have a memory fault. This might be exploited by an
        unauthorized user to gain privileges.


2. Vulnerable Versions

        Operating System        Version         Affected Files
        ------------------------------------------------------------------
        UnixWare 7              All             /usr/bin/su
                                                /sbin/su
        OpenUnix 8              8.0.0           /usr/bin/su
                                                /sbin/su


3. Workaround

        None.


4. UnixWare 7

  4.1 Location of Fixed Binaries

        ftp://ftp.sco.com/pub/security/unixware/sr849768/


  4.2 Verification

        md5 checksums:
        
        1381b35641cce39556d9d8365a170821        erg711787a.Z


        md5 is available for download from

                ftp://ftp.sco.com/pub/security/tools/


  4.3 Installing Fixed Binaries

        Upgrade the affected binaries with the following commands:

        # uncompress /tmp/erg711787a.Z
        # pkgadd -d /tmp/erg711787a


5. OpenUnix 8

  4.1 Location of Fixed Binaries

        ftp://ftp.sco.com/pub/security/openunix/sr849768/


  4.2 Verification

        md5 checksums:
        
        1381b35641cce39556d9d8365a170821        erg711787a.Z


        md5 is available for download from

                ftp://ftp.sco.com/pub/security/tools/


  4.3 Installing Fixed Binaries

        Upgrade the affected binaries with the following commands:


        # uncompress /tmp/erg711787a.Z
        # pkgadd -d /tmp/erg711787a


6. References

        http://www.calderasystems.com/support/security/index.html


7. Disclaimer

        Caldera International, Inc. is not responsible for the misuse
        of any of the information we provide on our website and/or
        through our security advisories. Our advisories are a service
        to our customers intended to promote secure installation and
        use of Caldera International products.


8.Acknowledgements

        Caldera International wishes to thank KF<dotslash () snosoft com>
        for reporting the problem.
         
___________________________________________________________________________

Attachment: _bin
Description:

Previous By Date Next
Previous By Thread Next

Current thread: