| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <200310032302.h93N2oS08819@rafiki.ca.caldera.com> Date: Fri, 3 Oct 2003 16:02:50 -0700 From: security@....com To: announce@...ts.sco.com, bugtraq@...urityfocus.com, security-alerts@...uxsecurity.com, full-disclosure@...ts.netsys.com Subject: OpenLinux: wget: Buffer overflow To: announce@...ts.sco.com bugtraq@...urityfocus.com security-alerts@...uxsecurity.com full-disclosure@...ts.netsys.com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ______________________________________________________________________________ SCO Security Advisory Subject: OpenLinux: wget: Buffer overflow Advisory number: CSSA-2003-025.0 Issue date: 2003 October 03 Cross reference: sr883607 fz528216 erg712410 CAN-2003-1565 ______________________________________________________________________________ 1. Problem Description wget is a freely available network utility to retrieve files using HTTP and FTP. Stefano Zacchirol found a buffer overflow vulnerability in the code that handles URLs in wget. An attacker can create a long (more than 256 characters), specially crafted URL that when parsed by wget can cause the execution of arbitrary code or program misbehavior. The packages included in this update fix the problem by unconditionally terminating long URLs in all cases. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2003-1565 to this issue. 2. Vulnerable Supported Versions System Package ---------------------------------------------------------------------- OpenLinux 3.1.1 Server prior to wget-1.8.2-1.i386.rpm OpenLinux 3.1.1 Workstation prior to wget-1.8.2-1.i386.rpm 3. Solution The proper solution is to install the latest packages. Many customers find it easier to use the Caldera System Updater, called cupdate (or kcupdate under the KDE environment), to update these packages rather than downloading and installing them by hand. 4. OpenLinux 3.1.1 Server 4.1 Package Location ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server//RPMS 4.2 Packages c60a6e417ac41287973735f2c82d461c wget-1.8.2-1.i386.rpm 4.3 Installation rpm -Fvh wget-1.8.2-1.i386.rpm 4.4 Source Package Location ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server//SRPMS 4.5 Source Packages 8ef3938fd5d49cc029b43c6b21cef9e0 wget-1.8.2-1.src.rpm 5. OpenLinux 3.1.1 Workstation 5.1 Package Location ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation//RPMS 5.2 Packages 1c0c42afd39e6d6183b9abf4cc07d039 wget-1.8.2-1.i386.rpm 5.3 Installation rpm -Fvh wget-1.8.2-1.i386.rpm 5.4 Source Package Location ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation//SRPMS 5.5 Source Packages 932ee4ea3cc81a649735fcf691352be2 wget-1.8.2-1.src.rpm 6. References Specific references for this advisory: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-1565 http://marc.theaimsgroup.com/?l=bugtraq&m=105474357016184&w=2 SCO security resources: http://www.sco.com/support/security/index.html This security fix closes SCO incidents sr883607 fz528216 erg712410. 7. Disclaimer SCO is not responsible for the misuse of any of the information we provide on this website and/or through our security advisories. Our advisories are a service to our customers intended to promote secure installation and use of SCO products. 8. Acknowledgements SCO would like to thank Stefano Zacchirol. ______________________________________________________________________________ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iEYEARECAAYFAj998ZcACgkQbluZssSXDTGU0ACg0y9nrB9igVfqXEhvVQ+81FnU RToAn0aQdzBn9VFiwRyAa1b7ZGU+R+iT =hgWo -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Powered by blists - more mailing lists