Date: Tue, 4 Nov 2003 09:35:48 -0800
Subject: UnixWare 7.1.3 Open UNIX 8.0.0 UnixWare 7.1.1 : CDE libDtHelp buffer overflow

To: full-disclosure@...ts.n

Hash: SHA1


			SCO Security Advisory

Subject:		UnixWare 7.1.3 Open UNIX 8.0.0 UnixWare 7.1.1 : CDE libDtHelp buffer overflow
Advisory number: 	CSSA-2003-SCO.31
Issue date: 		2003 October 31
Cross reference:	sr885326 fz528372 erg712445 CAN-2003-0834 CERT VU#575804

1. Problem Description

	The Common Desktop Environment (CDE) is a standard desktop
	environment for UNIX based systems. CDE libDtHelp contains
	a buffer overflow that can be exploited by a local user
	using specially crafted environment variables.
	An authenticated local user may be able to execute arbitrary
	code with root privileges. A user may be able to set the
	crafted environment variable and gain elevated privileges
	during initialization of the dtHelp application, or of
	applications which link to libDtHelp.

	The Common Vulnerabilities and Exposures project
	has assigned the name CAN-2003-0834 to this issue. CERT has
	assigned the name VU#575804 to this issue.

2. Vulnerable Supported Versions

	System				Binaries
	UnixWare 7.1.3 		/usr/dt/lib/
	Open UNIX 8.0.0 	/usr/dt/lib/
	UnixWare 7.1.1 		/usr/dt/lib/

3. Solution

	The proper solution is to install the latest packages.

4. UnixWare 7.1.3 / Open UNIX 8.0.0 / UnixWare 7.1.1

	4.1 Location of Fixed Binaries

	4.2 Verification

	MD5 (erg712445.pkg.Z) = ecd4aaba3c6d0f7a22b7d2812fc9a174

	md5 is available for download from

	4.3 Installing Fixed Binaries

	Upgrade the affected binaries with the following sequence:

	Download erg712445.pkg.Z to the /var/spool/pkg directory

	# uncompress /var/spool/pkg/erg712445.pkg.Z
	# pkgadd -d /var/spool/pkg/erg712445.pkg
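The two commands above install the package but nothing in the sequence checks it against the MD5 given in section 4.2 first. The following script is an added example, not SCO's own tooling: it computes the checksum with whatever tool the host has (GNU md5sum, the md5 program UnixWare and BSD ship, or openssl as a fallback), compares it case-insensitively with the value published in this advisory, and only then runs the uncompress/pkgadd sequence. The helper names md5_of, verify_md5 and install_fix are this example's own; the package path and the expected hash are the ones printed in sections 4.2 and 4.3.

```shell
#!/bin/sh
# Added example (not SCO's own script): verify erg712445.pkg.Z against the
# MD5 published in CSSA-2003-SCO.31 before running uncompress/pkgadd, and
# refuse to install on a mismatch.  Helper names are this example's own.
set -u

# Checksum exactly as printed in section 4.2 of the advisory.
EXPECTED_MD5=ecd4aaba3c6d0f7a22b7d2812fc9a174

# Print the MD5 of a file using whichever tool the host has.  GNU md5sum
# prints "<hash>  file" (hash is field 1); UnixWare/BSD md5 print
# "MD5 (file) = <hash>" and openssl prints "MD5(file)= <hash>" (hash is the
# last field).  Returns 2 if no tool is available.
md5_of() {
  if command -v md5sum >/dev/null 2>&1; then
    md5sum "$1" | awk '{print $1}'
  elif command -v md5 >/dev/null 2>&1; then
    md5 "$1" | awk '{print $NF}'
  elif command -v openssl >/dev/null 2>&1; then
    openssl dgst -md5 "$1" | awk '{print $NF}'
  else
    echo "no MD5 tool found" >&2
    return 2
  fi
}

# verify_md5 FILE EXPECTED: return 0 only if FILE's MD5 equals EXPECTED
# (case-insensitive).  Returns 1 on a mismatch and 2 if EXPECTED is not a
# 32-digit hex string, the file is missing, or it could not be hashed, so
# a typo in the expected value can never compare equal to anything.
verify_md5() {
  file=$1
  expected=$(printf '%s' "$2" | tr 'A-Z' 'a-z')
  case "$expected" in
    *[!0-9a-f]*|"") echo "malformed expected MD5: $2" >&2; return 2 ;;
  esac
  [ "${#expected}" -eq 32 ] || { echo "malformed expected MD5: $2" >&2; return 2; }
  [ -f "$file" ] || { echo "no such file: $file" >&2; return 2; }
  actual=$(md5_of "$file") || return 2
  actual=$(printf '%s' "$actual" | tr 'A-Z' 'a-z')
  [ -n "$actual" ] || { echo "could not hash $file" >&2; return 2; }
  if [ "$actual" = "$expected" ]; then
    return 0
  fi
  echo "MD5 mismatch for $file: expected $expected, got $actual" >&2
  return 1
}

# install_fix [PKG]: the section 4.3 sequence, gated on the checksum.
# Defaults to the path the advisory tells you to download the package to.
install_fix() {
  pkg=${1:-/var/spool/pkg/erg712445.pkg.Z}
  verify_md5 "$pkg" "$EXPECTED_MD5" || { echo "refusing to install $pkg" >&2; return 1; }
  uncompress "$pkg" || return 1
  pkgadd -d "${pkg%.Z}"
}

# Only touch the system when invoked as:  sh verify_install.sh --install [PKG]
if [ "${1:-}" = "--install" ]; then
  install_fix "${2:-}"
fi
```

Run it as root (pkgadd needs to be) with `--install`; any checksum mismatch stops before uncompress, so a corrupted or substituted download is never unpacked into /var/spool/pkg. The MD5 only ties the file to the value in this advisory, so take that value from a copy of the message whose PGP signature you have verified, not from an unsigned mirror.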

5. References

	Specific references for this advisory:

	SCO security resources:

	This security fix closes SCO incidents sr885326 fz528372

6. Disclaimer

	SCO is not responsible for the misuse of any of the information
	we provide on this website and/or through our security
	advisories. Our advisories are a service to our customers
	intended to promote secure installation and use of SCO

7. Acknowledgments

	SCO would like to thank Kevin Kotas from Computer Associates
	Intl. eTrust eVM


Version: GnuPG v1.2.3 (SCO/UNIX_SVR5)

