|
This is a multi-part message in MIME format. ------=_NextPart_000_005C_01C39EE0.E7AF63C0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit ----- Original Message ----- From: <security@sco.com> To: <bugtraq@securityfocus.com>; <announce@lists.caldera.com>; <security-alerts@linuxsecurity.com> Sent: Tuesday, May 13, 2003 12:23 PM Subject: Security Update: [CSSA-2003-021.0] OpenLinux: mgetty caller ID buffer overflow and spool perm vulnerabilities ------=_NextPart_000_005C_01C39EE0.E7AF63C0 Content-Type: text/plain; name="ATT00081.txt" Content-Transfer-Encoding: quoted-printable Content-Disposition: attachment; filename="ATT00081.txt" To: bugtraq@securityfocus.com announce@lists.caldera.com = security-alerts@linuxsecurity.com _________________________________________________________________________= _____ SCO Security Advisory Subject: OpenLinux: mgetty caller ID buffer overflow and spool perm = vulnerabilities Advisory number: CSSA-2003-021.0 Issue date: 2003 May 13 Cross reference: _________________________________________________________________________= _____ 1. Problem Description mgetty will overflow an internal buffer if the caller name reported by the modem is too long. The faxspool spooling directory used for outgoing faxes was world-writable. 2. Vulnerable Supported Versions System Package ---------------------------------------------------------------------- OpenLinux 3.1.1 Server prior to mgetty-1.1.22_Aug17-13.i386.rpm OpenLinux 3.1.1 Workstation prior to mgetty-1.1.22_Aug17-13.i386.rpm 3. Solution The proper solution is to install the latest packages. Many customers find it easier to use the Caldera System Updater, called cupdate (or kcupdate under the KDE environment), to update these packages rather than downloading and installing them by hand. 4. OpenLinux 3.1.1 Server 4.1 Package Location = ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2003-021.0/RPMS= 4.2 Packages be191369c6a4c96ea8bfacfc4e9842ac mgetty-1.1.22_Aug17-13.i386.rpm 4.3 Installation rpm -Fvh mgetty-1.1.22_Aug17-13.i386.rpm 4.4 Source Package Location = ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2003-021.0/SRPM= S 4.5 Source Packages cff0b40ec866ac025898a0a8c629d29a mgetty-1.1.22_Aug17-13.src.rpm 5. OpenLinux 3.1.1 Workstation 5.1 Package Location = ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2003-021.0= /RPMS 5.2 Packages ffe360af815ee57e3f55d29ebdfe8023 mgetty-1.1.22_Aug17-13.i386.rpm 5.3 Installation rpm -Fvh mgetty-1.1.22_Aug17-13.i386.rpm 5.4 Source Package Location = ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2003-021.0= /SRPMS 5.5 Source Packages eeea9f8538004266355c7ff6e2c649d9 mgetty-1.1.22_Aug17-13.src.rpm 6. References Specific references for this advisory: http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCAN-2002-1391 http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCAN-2002-1392 SCO security resources: http://www.sco.com/support/security/index.html This security fix closes SCO incidents sr876805, fz527691, erg712287. 7. Disclaimer SCO is not responsible for the misuse of any of the information we provide on this website and/or through our security advisories. Our advisories are a service to our customers intended to promote secure installation and use of SCO products. _________________________________________________________________________= _____ ------=_NextPart_000_005C_01C39EE0.E7AF63C0 Content-Type: application/octet-stream; name="ATT00084.dat" Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename="ATT00084.dat" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (SCO_SV) Comment: For info see http://www.gnupg.org iEYEARECAAYFAj7BVFgACgkQbluZssSXDTHhhwCfTweF0hrH9P6yhBz0WRYIgMDe wtEAn24bzOAoO7VRsptZTe3hZOsgDY/8 =NsMN -----END PGP SIGNATURE----- ------=_NextPart_000_005C_01C39EE0.E7AF63C0--