[21832] in bugtraq
Security Update: [CSSA-2001-SCO.7] OpenUnix, UnixWare: su buffer overflow
daemon@ATHENA.MIT.EDU (sco-security@caldera.com)
Tue Jul 24 18:32:33 2001
Message-Id: <200107242212.f6OMC0O00613@ergo.uss.ca.caldera.com>
To: bugtraq@securityfocus.com, security-announce@lists.securityportal.com,
 announce@lists.caldera.com
From: sco-security@caldera.com
Date: Tue, 24 Jul 2001 15:12:00 -0700
___________________________________________________________________________
Caldera International, Inc. Security Advisory
Subject: OpenUnix, UnixWare: su buffer overflow
Advisory number: CSSA-2001-SCO.7
Issue date: 2001 July 24
Cross reference:
___________________________________________________________________________
1. Problem Description
Long values of the TERM variable can cause the su command to
have a memory fault. This might be exploited by an
unauthorized user to gain privileges.
2. Vulnerable Versions
Operating System    Version     Affected Files
------------------------------------------------------------------
UnixWare 7          All         /usr/bin/su
                                /sbin/su
OpenUnix 8          8.0.0       /usr/bin/su
                                /sbin/su
3. Workaround
None.
4. UnixWare 7
4.1 Location of Fixed Binaries
ftp://ftp.sco.com/pub/security/unixware/sr849768/
4.2 Verification
md5 checksums:
1381b35641cce39556d9d8365a170821 erg711787a.Z
md5 is available for download from
ftp://ftp.sco.com/pub/security/tools/
4.3 Installing Fixed Binaries
Upgrade the affected binaries with the following commands:
# uncompress /tmp/erg711787a.Z
# pkgadd -d /tmp/erg711787a
5. OpenUnix 8
5.1 Location of Fixed Binaries
ftp://ftp.sco.com/pub/security/openunix/sr849768/
5.2 Verification
md5 checksums:
1381b35641cce39556d9d8365a170821 erg711787a.Z
md5 is available for download from
ftp://ftp.sco.com/pub/security/tools/
5.3 Installing Fixed Binaries
Upgrade the affected binaries with the following commands:
# uncompress /tmp/erg711787a.Z
# pkgadd -d /tmp/erg711787a
6. References
http://www.calderasystems.com/support/security/index.html
7. Disclaimer
Caldera International, Inc. is not responsible for the misuse
of any of the information we provide on our website and/or
through our security advisories. Our advisories are a service
to our customers intended to promote secure installation and
use of Caldera International products.
8. Acknowledgements
Caldera International wishes to thank KF <dotslash@snosoft.com>
for reporting the problem.
___________________________________________________________________________
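The verification and installation steps above (identical for UnixWare 7 and OpenUnix 8), combined so that pkgadd only runs when the downloaded file matches the published MD5. This is an added example, not part of the Caldera advisory; the function names are hypothetical, and the digest tool names (md5sum, openssl, md5) and their output formats are assumptions about the host.

```sh
#!/bin/sh
# Added example, not part of the advisory. File name and digest are copied
# from its "Verification" and "Installing Fixed Binaries" sections.
PKG_Z=/tmp/erg711787a.Z
EXPECTED_MD5=1381b35641cce39556d9d8365a170821

# file_md5 FILE: print FILE's MD5 as lowercase hex.
# Assumption: one of md5sum, openssl or md5 is on PATH and prints the digest
# as the first (md5sum) or last (openssl, md5) field when reading stdin.
file_md5() {
    if command -v md5sum >/dev/null 2>&1; then
        digest=$(md5sum < "$1" | awk '{print $1}')
    elif command -v openssl >/dev/null 2>&1; then
        digest=$(openssl md5 < "$1" | awk '{print $NF}')
    elif command -v md5 >/dev/null 2>&1; then
        digest=$(md5 < "$1" | awk '{print $NF}')
    else
        echo "no MD5 tool found" >&2
        return 127
    fi
    printf '%s\n' "$digest" | tr 'A-F' 'a-f'
}

# verify_md5 FILE EXPECTED: 0 = match, 1 = mismatch, 2 = could not check.
verify_md5() {
    [ -r "$1" ] || { echo "cannot read $1" >&2; return 2; }
    actual=$(file_md5 "$1") || return 2
    want=$(printf '%s\n' "$2" | tr 'A-F' 'a-f')
    [ "$actual" = "$want" ] && return 0
    echo "MD5 mismatch for $1: got $actual, expected $want" >&2
    return 1
}

# install_fix: run the advisory's two commands only if the digest matches.
# Run as root after downloading the package to $PKG_Z.
install_fix() {
    verify_md5 "$PKG_Z" "$EXPECTED_MD5" || return 1
    uncompress "$PKG_Z" && pkgadd -d "${PKG_Z%.Z}"
}
```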