To: security-announcelists.securityportal.com announcelists.caldera.com bugtraqsecurityfocus.com

___________________________________________________________________________

            Caldera International, Inc. Security Advisory

Subject: Open Unix, UnixWare 7: lp utility commands: buffer overflows
Advisory number: CSSA-2001-SCO.16
Issue date: 2001 September 18
Cross reference:
___________________________________________________________________________

1. Problem Description
        
        Very long arguments to the line printer utilities accept,
        reject, enable and disable caused a segmentation violation.
        This could be used by an unauthorized user to gain privilege.
                

2. Vulnerable Versions

        Operating System Version Affected Files
        ------------------------------------------------------------------
        UnixWare 7 All /usr/bin/enable
                                                /usr/bin/disable
                                                /usr/sbin/accept
                                                /usr/sbin/reject

        Open Unix All /usr/bin/enable
                                                /usr/bin/disable
                                                /usr/sbin/accept
                                                /usr/sbin/reject

3. Workaround

        None.

4. UnixWare 7

  4.1 Location of Fixed Binaries

        ftp://stage.caldera.com/pub/security/unixware/CSSA-2001-SCO.16/

  4.2 Verification

        md5 checksums:
        
        303d3ffd1acbcf91e50fd6b68ec1a5cf erg711788b.Z

        md5 is available for download from

                ftp://stage.caldera.com/pub/security/tools/

  4.3 Installing Fixed Binaries

        Upgrade the affected binaries with the following commands:

        # uncompress /tmp/erg711788b.Z
        # pkgadd -d /tmp/erg711788b

5. Open Unix

  5.1 Location of Fixed Binaries

        ftp://stage.caldera.com/pub/security/openunix/CSSA-2001-SCO.16/

  5.2 Verification

        md5 checksums:
        
        ca3605f82792a855caafe72245425dc9 erg711788a.Z

        md5 is available for download from

                ftp://stage.caldera.com/pub/security/tools/

  5.3 Installing Fixed Binaries

        Upgrade the affected binaries with the following commands:

        # uncompress /tmp/erg711788a.Z
        # pkgadd -d /tmp/erg711788a

6. References

        This and other advisories are located at
                http://stage.caldera.com/support/security

        This advisory addresses Caldera Security internal incidents
        sr849818, sr847404, and sr847403.

7. Disclaimer

        Caldera International, Inc. is not responsible for the misuse
        of any of the information we provide on our website and/or
        through our security advisories. Our advisories are a service
        to our customers intended to promote secure installation and
        use of Caldera International products.

8. Acknowledgements

        Caldera International wishes to thank KF <dotslashsnosoft.com>
        for discovering and reporting this problem.

         
___________________________________________________________________________

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (SCO_SV)
Comment: For info see http://www.gnupg.org

iEYEARECAAYFAjunxpcACgkQaqoBO7ipriHJ+wCgpav7OUz2wA5F0MFNL7SBuAbc
80YAoKzPCUKGburjxhANV7YxB7v1S0Fn
=UBXT
-----END PGP SIGNATURE-----

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]