[12979] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Recent postings about SCO UnixWare 7

daemon@ATHENA.MIT.EDU (Andrew Malcolm)
Wed Dec 15 19:38:15 1999

Mime-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Message-Id:  <002801bf4729$9e1e99a0$0f037e96@andrewma.pd.london.sco.com>
Date:         Wed, 15 Dec 1999 18:24:26 -0000
Reply-To: Andrew Malcolm <andrewma@SCO.COM>
From: Andrew Malcolm <andrewma@SCO.COM>
X-To:         Bugtraq List <BUGTRAQ@securityfocus.com>
To: BUGTRAQ@SECURITYFOCUS.COM

The SCO engineering groups are aware of the recent postings to BUGTRAQ
regarding security holes in UnixWare 7.

Fixes to the following list of problems are being developed at the moment,
and patches will be published in the next 7 working days (on or before
December 24th). The problems being addressed are

- UnixWare read/modify users' mail
- UnixWare gain root with non su/gid binaries
- UnixWare coredumps follow symlinks
- UnixWare pkg* command exploits
- Fundamental flaw in UnixWare 7 security.

--
Andrew Malcolm, SCO Security Group.


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[12979] in bugtraq

Recent postings about SCO UnixWare 7

daemon@ATHENA.MIT.EDU (Andrew Malcolm)Wed Dec 15 19:38:15 1999

daemon@ATHENA.MIT.EDU (Andrew Malcolm)
Wed Dec 15 19:38:15 1999