[22875] in bugtraq
Security Update: [CSSA-2001-SCO.28] Open UNIX, UnixWare 7: rpc.ttdbserverd format string vulnerability
daemon@ATHENA.MIT.EDU (sco-security@caldera.com)
Tue Oct 16 22:13:03 2001
To: bugtraq@securityfocus.com, security-announce@lists.securityportal.com,
an=@caldera.com
From: sco-security@caldera.com
Date: Tue, 16 Oct 2001 16:15:06 -0700
Message-ID: <20011016161506.P20021@caldera.com>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
protocol="application/pgp-signature"; boundary="h31gzZEtNLTqOjlF"
Content-Disposition: inline
--h31gzZEtNLTqOjlF
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
To: bugtraq@securityfocus.com security-announce@lists.securityportal.com an=
nounce@lists.caldera.com scoannmod@xenitec.on.ca
Do not reply to this mail. This security advisory is being sent from a
nonexistent address in order to avoid spam problems. Caldera's
contact address for UNIX security issues is security-alert@caldera.com.
___________________________________________________________________________
Caldera International, Inc. Security Advisory
Subject: Open UNIX, UnixWare 7: rpc.ttdbserverd format string vulnerability
Advisory number: CSSA-2001-SCO.28
Issue date: 2001 October 16
Cross reference:
___________________________________________________________________________
1. Problem Description
=09
The rpc.ttdbserverd command is vulnerable to a format string
attack. This could be used by an unauthorized user to gain
privilege.
2. Vulnerable Versions
Operating System Version Affected Files
------------------------------------------------------------------
UnixWare 7 All /usr/dt/bin/rpc.ttdbserverd
Open UNIX 8.0.0 /usr/dt/bin/rpc.ttdbserverd
3. Workaround
None.
4. UnixWare 7, Open UNIX 8
4.1 Location of Fixed Binaries
ftp://stage.caldera.com/pub/security/openunix/CSSA-2001-SCO.28/
4.2 Verification
md5 checksums:
=09
b15a904dd742eb1263429b00fb1a1c20 erg711831.Z
md5 is available for download from
ftp://stage.caldera.com/pub/security/tools/
4.3 Installing Fixed Binaries
Upgrade the affected binaries with the following commands:
# uncompress /tmp/erg711831.Z
# pkgadd -d /tmp/erg711831
5. References
http://www.securityfocus.com/archive/1/217901
http://www.securityfocus.com/advisories/3583
This and other advisories are located at
http://stage.caldera.com/support/security
This advisory addresses Caldera Security internal incidents
sr851392, fz518746 and erg711831.
6. Disclaimer
Caldera International, Inc. is not responsible for the misuse
of any of the information we provide on our website and/or
through our security advisories. Our advisories are a service
to our customers intended to promote secure installation and
use of Caldera International products.
7. Acknowledgements
This vulnerability was discovered and researched by Mark Dowd
of the ISS X-Force.
=20
___________________________________________________________________________
--h31gzZEtNLTqOjlF
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (SCO_SV)
Comment: For info see http://www.gnupg.org
iEYEARECAAYFAjvMv3oACgkQaqoBO7ipriGaEgCcD3yctUtbaf8mjyWhkFepTxNG
CcsAn0QtFQjEAdBSCriF1LRRTrRRwF+W
=znXN
-----END PGP SIGNATURE-----
--h31gzZEtNLTqOjlF--
