11th Dec 2001 [SBWID-4916]
COMMAND
in.timed
SYSTEMS AFFECTED
All?
PROBLEM
In caldera advisory [CSSA-2001-SCO.39]
The timed program does not enforce null-termination of strings in
certain situations. It is possible that this could be used by a
malicious user to perform a remote denial-of-service attack.
SOLUTION
If the in.timed service is not needed, it may be disabled.
Caldera has released a patch :
ftp://stage.caldera.com/pub/security/openunix/CSSA-2001-SCO.39/
TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH
