TUCoPS :: SCO :: cs2sco04.txt

Open UNIX, UnixWare 7: snmpd memory fault vulnerabilities - Caldera Advisory CSSA-2002-SCO.4

To: bugtraq@securityfocus.com announce@lists.caldera.com scoannmod@xenitec.on.ca

___________________________________________________________________________

            Caldera International, Inc. Security Advisory

Subject:                Open UNIX, UnixWare 7: snmpd memory fault vulnerabilities
Advisory number:        CSSA-2002-SCO.4
Issue date:             2002 February 12
Cross reference:
___________________________________________________________________________


1. Problem Description
        
        The University of Oulu (Finland) wrote approximately 53000
        tests for snmpd error conditions.  For Open UNIX and UnixWare,
        94 of the tests caused snmpd to memory fault. This could lead
        to denial-of-service attacks, or possible local and remote
        root acquisition.


2. Vulnerable Supported Versions

        Operating System        Version         Affected Files
        ------------------------------------------------------------------
        Open UNIX               8.0.0           /usr/lib/libsnmp.so
        UnixWare 7              7.1.1           /usr/lib/libsnmp.so
        UnixWare 7              7.1.0           /usr/lib/libsnmp.so


3. Workaround

        If snmp is not a needed service:

        add an 'exit 0' statement (without the single quotes) as the
        first executable line of /etc/rc2.d/S73snmp,

                -or-

        remove the execute bits from the in.snmpd binary,

                # chmod 0 /usr/sbin/in.snmpd


4. Open UNIX 8.0.0

  4.1 Location of Fixed Binaries

        ftp://stage.caldera.com/pub/security/openunix/CSSA-2002-SCO.4/


  4.2 Verification

        MD5 (erg711937.Z) = 62f81d5f7e0c5e0f4a2704e015d37fc4


        md5 is available for download from
                ftp://stage.caldera.com/pub/security/tools/


  4.3 Installing Fixed Binaries

        Upgrade the affected binaries with the following commands:

        Download erg711937.Z to the /tmp directory

        # uncompress /tmp/erg711937.Z
        # pkgadd -d /tmp/erg711937


5. UnixWare 7.1.1

  5.1 Location of Fixed Binaries

        ftp://stage.caldera.com/pub/security/openunix/CSSA-2002-SCO.4/


  5.2 Verification

        MD5 (erg711937b.Z) = 09b8dbdb080e5588c6f61669ea914af7


        md5 is available for download from
                ftp://stage.caldera.com/pub/security/tools/


  5.3 Installing Fixed Binaries

        Upgrade the affected binaries with the following commands:

        Download erg711937b.Z to the /tmp directory

        # uncompress /tmp/erg711937b.Z
        # pkgadd -d /tmp/erg711937b


6. UnixWare 7.1.0

  6.1 Location of Fixed Binaries

        ftp://stage.caldera.com/pub/security/openunix/CSSA-2002-SCO.4/


  6.2 Verification

        MD5 (erg711937c.Z) = f15696cfc2b9f0afc1b0432bb311151a


        md5 is available for download from
                ftp://stage.caldera.com/pub/security/tools/


  6.3 Installing Fixed Binaries

        Upgrade the affected binaries with the following commands:

        Download erg711937c.Z to the /tmp directory

        # uncompress /tmp/erg711937c.Z
        # pkgadd -d /tmp/erg711937c


7. References

        http://www.cert.org/advisories/CA-2002-03.html


        This and other advisories are located at
                http://stage.caldera.com/support/security

        This advisory addresses Caldera Security internal incidents
        sr858479, fz519781, erg711937.


8. Disclaimer

        Caldera International, Inc. is not responsible for the misuse
        of any of the information we provide on our website and/or
        through our security advisories. Our advisories are a service
        to our customers intended to promote secure installation and
        use of Caldera International products.


9. Acknowledgements

        This vulnerability was discovered and researched by the
        University of Oulu (oulu.fi).

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH