From: security@caldera.com
Date: Tue Dec 04 2001 - 14:37:51 CST


    To: bugtraq@securityfocus.com announce@lists.caldera.com scoannmod@xenitec.on.ca

    ___________________________________________________________________________

                Caldera International, Inc. Security Advisory

    Subject: REVISION: OpenServer: shell here-documents allow various security breaches
    Advisory number: CSSA-2001-SCO.24.1
    Issue date: 2001 December 4
    Cross reference: CSSA-2001-SCO.24
    ___________________________________________________________________________

    1. Problem Description
            
            *************************************************************
            The original binaries supplied to fix this vulnerability were
            flawed, exhibiting a variety of unusual behaviors. If you have
            already applied CSSA-2001-SCO.24, Caldera recommends that you
            immediately apply this new version, CSSA-2001-SCO.24.1.
            *************************************************************

            Shell here-document processing is vulnerable to a variety of
            security attacks.

    2. Vulnerable Versions

            Operating System    Version      Affected Files
            ------------------------------------------------------------------
            OpenServer          <= 5.0.6a    /bin/sh
                                             /sbin/sh
                                             /bin/csh
                                             /bin/ksh
                                             /usr/bin/euc/ksh
                                             /usr/lib/scosh/utilbin/oash

    3. Workaround

            None.

    4. OpenServer

      4.1 Location of Fixed Binaries

            ftp://stage.caldera.com/pub/security/openserver/CSSA-2001-SCO.24.1/

      4.2 Verification

            md5 checksums:
            
            05a3f8b4a00f806f919d0dd723d2b2db shells.tar.Z

            md5 is available for download from

                    ftp://stage.caldera.com/pub/security/tools/

      4.3 Installing Fixed Binaries

            Upgrade the affected binaries with the following commands:

            # uncompress /tmp/shells.tar.Z
            # for i in /bin/csh /bin/ksh /bin/sh /sbin/sh /usr/bin/euc/ksh /usr/lib/scosh/utilbin/oash
            > do
            > mv $i ${i}-
            > done
            # cd /
            # tar xvf /tmp/shells.tar
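            The verification and install steps above, combined so that the archive is only unpacked when its checksum matches the value in section 4.2 and each old shell is kept aside for rollback. This is an example script added here, not Caldera's; the md5sum/md5 fallback and the root-directory parameter are assumptions so it can be exercised on a non-SCO host.

```shell
#!/bin/sh
# Added example, not from the advisory: fail-closed wrapper around the
# CSSA-2001-SCO.24.1 steps in sections 4.2 and 4.3.
# Assumptions: POSIX sh; md5sum (GNU) or md5 (BSD-style "MD5 (f) = hash"
# output) is on PATH; uncompress exists when a .Z archive is given.

ADVISORY_MD5=05a3f8b4a00f806f919d0dd723d2b2db   # section 4.2, shells.tar.Z
SHELLS="bin/csh bin/ksh bin/sh sbin/sh usr/bin/euc/ksh usr/lib/scosh/utilbin/oash"

# Print the MD5 digest of file $1, whichever tool is available.
md5_of() {
    if command -v md5sum >/dev/null 2>&1; then
        md5sum "$1" | cut -d' ' -f1
    else
        md5 "$1" | awk '{ print $NF }'
    fi
}

# Succeed only when file $1 hashes to digest $2 (compared case-insensitively).
verify_md5() {
    actual=$(md5_of "$1") || return 1
    expected=$(printf '%s' "$2" | tr 'A-Z' 'a-z')
    [ "$actual" = "$expected" ]
}

# Install the fixed shells from archive $1 under root $2 (default /),
# checking it against digest $3 (default: the advisory's value) first.
# Each existing shell is moved aside with a "-" suffix, as in section 4.3,
# so the old binary survives for rollback. Nothing is touched on mismatch.
install_shells() {
    archive=$1; root=${2:-/}; expected=${3:-$ADVISORY_MD5}
    if ! verify_md5 "$archive" "$expected"; then
        echo "checksum mismatch for $archive; nothing installed" >&2
        return 1
    fi
    case $archive in
        *.Z) uncompress "$archive" || return 1; archive=${archive%.Z} ;;
    esac
    for i in $SHELLS; do
        if [ -e "$root/$i" ]; then
            mv "$root/$i" "$root/${i}-" || return 1
        fi
    done
    (cd "$root" && tar xf "$archive")
}
```

            Run as root with no arguments beyond the archive to reproduce the advisory's procedure against /; pass an alternate root to rehearse it in a scratch directory first.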

    5. References

            http://www.kb.cert.org/vuls/id/10277

            This and other advisories are located at
                    http://stage.caldera.com/support/security

            This advisory addresses Caldera Security internal incidents
            sr847825, erg711733.

    6. Disclaimer

            Caldera International, Inc. is not responsible for the misuse
            of any of the information we provide on our website and/or
            through our security advisories. Our advisories are a service
            to our customers intended to promote secure installation and
            use of Caldera International products.

    7. Acknowledgements

            The original discoverer of this vulnerability was Gordon Irlam
            of the University of Adelaide, Australia.

    ___________________________________________________________________________
