OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: securitycaldera.com
Date: Fri Nov 30 2001 - 16:37:01 CST

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    To: bugtraqsecurityfocus.com announcelists.caldera.com scoannmodxenitec.on.ca

    ___________________________________________________________________________

                Caldera International, Inc. Security Advisory

    Subject: Open UNIX, UnixWare 7: wu-ftpd ftpglob() vulnerability
    Advisory number: CSSA-2001-SCO.36
    Issue date: 2001 November 30
    Cross reference:
    ___________________________________________________________________________

    1. Problem Description
            
            A vulnerability in the wu-ftpd ftpglob() function was found by
            the CORE ST team. This vulnerability can be exploited to
            obtain root access on the ftp server.
       

    2. Vulnerable Versions

            Operating System Version Affected Files
            ------------------------------------------------------------------
            UnixWare 7 All /usr/sbin/in.ftpd
            Open UNIX 8.0.0 /usr/sbin/in.ftpd

    3. Workaround

            None.

    4. UnixWare 7, Open UNIX 8

      4.1 Location of Fixed Binaries

            ftp://stage.caldera.com/pub/security/openunix/CSSA-2001-SCO.36/

      4.2 Verification

            md5 checksums:
            
            9294a9d1a467b72d7ee9bb37672855a0 erg711908.Z

            md5 is available for download from

                    ftp://stage.caldera.com/pub/security/tools/

      4.3 Installing Fixed Binaries

            Upgrade the affected binaries with the following commands:

            Download erg711908.Z to /tmp
            
            # uncompress /tmp/erg711908.Z
            # pkgadd -d /tmp/erg711908

    5. References

            CORE-20011001: Wu-FTP glob heap corruption vulnerability
            http://www.corest.com

            CERT Advisory CA-2001-33 Multiple Vulnerabilities in WU-FTPD
            http://www.cert.org

            http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0550

            This and other advisories are located at
                    http://stage.caldera.com/support/security

            This advisory addresses Caldera Security internal incidents
            sr856023, fz519403, erg711908.
            

    6. Disclaimer

            Caldera International, Inc. is not responsible for the misuse
            of any of the information we provide on our website and/or
            through our security advisories. Our advisories are a service
            to our customers intended to promote secure installation and
            use of Caldera International products.

    7. Acknowledgements

            This vulnerability was originally reported by Matt Power of
            BindView on the vuln-dev mailing list.

    ___________________________________________________________________________

    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.0.6 (SCO_SV)
    Comment: For info see http://www.gnupg.org

    iEYEARECAAYFAjwICg0ACgkQaqoBO7ipriGKQQCfZNBZdjB4wJM7HVGkagyp8/IT
    wtEAniqidryyyoNkvXcUHvikD4b3bf3h
    =MfGs
    -----END PGP SIGNATURE-----