Full Disclosure mailing list archives
UnixWare 7.1.4 UnixWare 7.1.3 UnixWare 7.1.1 : mountd remote denial of service
From: please_reply_to_security () sco com
Date: Tue, 11 Jan 2005 17:18:11 -0800
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
______________________________________________________________________________
SCO Security Advisory
Subject: UnixWare 7.1.4 UnixWare 7.1.3 UnixWare 7.1.1 : mountd remote denial of service
Advisory number: SCOSA-2005.1
Issue date: 2005 January 11
Cross reference: sr892156 fz530479 erg712731 CAN-2004-1039
______________________________________________________________________________
1. Problem Description
mountd is not enabled by default. But when the NFS mountd service
is run by inetd, if a NFS mount related request is received
from the remote (or local) host, inetd will repeatedly
create the mountd process and as a result increasingly
consume memory.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CAN-2004-1039 to this issue.
2. Vulnerable Supported Versions
System Binaries
----------------------------------------------------------------------
UnixWare 7.1.4 /usr/lib/nfs/tmp/mountd
UnixWare 7.1.3 /usr/lib/nfs/tmp/mountd
UnixWare 7.1.1 /usr/lib/nfs/mountd
3. Solution
The proper solution is to install the latest packages.
4. UnixWare 7.1.4 / UnixWare 7.1.3
4.1 Location of Fixed Binaries
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.1
4.2 Verification
MD5 (erg712731.pkg.Z) = 69067669ac277725e8665ac02f955607
md5 is available for download from
ftp://ftp.sco.com/pub/security/tools
4.3 Installing Fixed Binaries
Upgrade the affected binaries with the following sequence:
Download erg712731.pkg.Z to the /var/spool/pkg directory
# uncompress /var/spool/pkg/erg712731.pkg.Z
# pkgadd -d /var/spool/pkg/erg712731.pkg
5. UnixWare 7.1.1
5.1 Location of Fixed Binaries
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.1
5.2 Verification
MD5 (erg712731.711.pkg.Z) = 4f7e3bba1e5381e28bef0894dc1d9ec1
md5 is available for download from
ftp://ftp.sco.com/pub/security/tools
5.3 Installing Fixed Binaries
Upgrade the affected binaries with the following sequence:
Download erg712731.711.pkg.Z to the /var/spool/pkg directory
# uncompress /var/spool/pkg/erg712731.711.pkg.Z
# pkgadd -d /var/spool/pkg/erg712731.711.pkg
6. References
Specific references for this advisory:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1039
http://www.nilesoft.co.kr/
SCO security resources:
http://www.sco.com/support/security/index.html
SCO security advisories via email
http://www.sco.com/support/forums/security.html
This security fix closes SCO incidents sr892156 fz530479
erg712731.
7. Disclaimer
SCO is not responsible for the misuse of any of the information
we provide on this website and/or through our security
advisories. Our advisories are a service to our customers
intended to promote secure installation and use of SCO
products.
8. Acknowledgments
SCO would like to thank Yun Jonglim a security researcher
of NileSOFT, Ltd (www.nilesoft.co.kr) for reporting this
issue.
______________________________________________________________________________
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (SCO/UNIX_SVR5)
iD8DBQFB5GoCaqoBO7ipriERAkkJAJ4xVCkfRughdxUAYyXba4+w53f1mgCfZG5h
67uBgt3Pg945OMT262BZYZ0=
=SBR9
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- UnixWare 7.1.4 UnixWare 7.1.3 UnixWare 7.1.1 : mountd remote denial of service please_reply_to_security (Jan 11)