![[LWN Logo]](/images/lcorner.png) |
|
![[LWN.net]](/images/Included.png) |
From: "tigger@caldera.com.8.Aug.101.12":05.PDT@graphics-muse.org
To: announce@lists.caldera.com, bugtraq@securityfocus.com
Subject: Security Update: [CSSA-2001-SCO.10]: OpenServer: /etc/telnetd buffer
overflow
Date: Wed, 08 Aug 2001 11:19:54 -0700
To: announce@lists.caldera.com bugtraq@securityfocus.com
security-announce@lists.securityportal.com
___________________________________________________________________________
Caldera International, Inc. Security Advisory
Subject: OpenServer 5.0.5, 5.0.6: telnetd buffer overflow
Advisory number: CSSA-2001-SCO.10
Issue date: 2001 August 7
Cross reference:
___________________________________________________________________________
1. Problem Description
The telnet daemon /etc/telnetd is subject to a buffer
overflow problem that could be used by a malicious user to
gain unauthorized access to a system.
2. Vulnerable Versions
Operating System Version Affected Files
------------------------------------------------------------------
OpenServer 5 All /etc/telnetd
3. Workaround
None.
4. OpenServer
4.1 Location of Fixed Binaries
ftp://ftp.sco.com/pub/security/openserver/sr849876/
4.2 Verification
md5 checksums:
a3fead5326b361cc9a94f0376fdf0f10 telnetd.Z
5e7d80c80b1ac2fcde9fc227f6793881 libresolv.so.1.Z
a5b4e98ace9c64b2129ca53688a98650 libsocket.so.2.Z
md5 is available for download from
ftp://ftp.sco.com/pub/security/tools/
4.3 Installing Fixed Binaries
Save the erg711793a.Z compressed tar archive into /tmp, and
install/upgrade the affected binaries with the following commands:
# cd /tmp
# uncompress erg711793a.Z
# tar xvf erg711793a
# uncompress telnetd
# mv /etc/telnetd /etc/telnetd.old
# cp telnetd /etc
# chown bin:bin /etc/telnetd
# chmod 711 /etc/telnetd
In addition, on any pre-5.0.6 system, or on any 5.0.6 system
without rs506a, execute the following commands:
# uncompress libsocket.so.2
# uncompress libresolv.so.1
# cp libresolv.so.1 /usr/lib
# cp libsocket.so.2 /usr/lib
# chown bin:bin /usr/lib/libresolv.so.1
# chown bin:bin /usr/lib/libsocket.so.2
# chmod 555 /usr/lib/libresolv.so.1
# chmod 555 /usr/lib/libsocket.so.2
5. References
http://www.calderasystems.com/support/security/index.html
6. Disclaimer
Caldera International, Inc. is not responsible for the misuse
of any of the information we provide on our website and/or
through our security advisories. Our advisories are a service
to our customers intended to promote secure installation and
use of Caldera International products.
7.Acknowledgements
Caldera International would like to thank Sebastian
<scut@nb.in-berlin.de> for his posting on bugtraq, and KF
<dotslash@snosoft.com> for reporting the problem to us.
___________________________________________________________________________
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (SCO_SV)
Comment: For info see http://www.gnupg.org
iEYEABECAAYFAjtwgocACgkQom1bqoqwkdT4VgCffDi3JtUqtDbxip/qOBbDvi+0
gWcAoIaurZJPLfJt2N7UpdMmFY8Pto7Q
=w6aP
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: announce-unsubscribe@lists.caldera.com
For additional commands, e-mail: announce-help@lists.caldera.com