lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20040728205525.3F8451618C@helix.pdev.ca.sco.com>
Date: Wed, 28 Jul 2004 13:55:25 -0700 (PDT)
From: please_reply_to_security@....com
To: security-announce@...t.sco.com, bugtraq@...urityfocus.com,
	full-disclosure@...ts.netsys.com
Subject: UnixWare 7.1.3up : tcpdump several vulnerabilities in tcpdump.



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


______________________________________________________________________________

			SCO Security Advisory

Subject:		UnixWare 7.1.3up : tcpdump several vulnerabilities in tcpdump.
Advisory number: 	SCOSA-2004.9
Issue date: 		2004 July 28
Cross reference:	sr889195 fz528784 erg712544 
			CAN-2004-0055 CAN-2004-0057 CAN-2003-0989
			CERT Vulnerability Note VU#955526
			CERT Vulnerability Note VU#174086
			CERT Vulnerability Note VU#738518
______________________________________________________________________________


1. Problem Description

	tcpdump is a widely-used network sniffer. 

	The issues with tcpdump are present only on UnixWare 7.1.3up and 
	not on previous versions of UnixWare 7.1.3 or earlier including
	Open Unix 8.0.0, because the version of tcpdump UnixWare 7.1.3 
	and before is 3.4a5 and it doesn't contain these issues.

	Remote  attackers  could  potentially  exploit  these 
	vulnerabilities by sending carefully-crafted network packets 
	to a victim. If the victim is running tcpdump, these packets 	
	could result in a denial of service, or possibly execute 
	arbitrary code. 

	Jonathan Heusser discovered a flaw in the print_attr_string 
	function in the RADIUS decoding routines for tcpdump 3.8.1 
	and earlier. The CERT Coordination Center has assigned the 
	following  Vulnerability  Note  VU#955526.   The  Common 
	Vulnerabilities and Exposures project (cve.mitre.org) has 
	assigned the following name CAN-2004-0055 to this issue. 

	Jonathan Heusser discovered an additional flaw in the ISAKMP 
	decoding routines for tcpdump 3.8.1 and earlier. The CERT 
	Coordination Center has assigned the following Vulnerability 
	Note VU#174086.  The Common Vulnerabilities and Exposures 
	project (cve.mitre.org) has assigned the following name 
	CAN-2004-0057 to this issue.

	George Bakos discovered flaws in the ISAKMP decoding routines
	of tcpdump versions prior to 3.8.1. The CERT Coordination
	Center has assigned the following Vulnerability Note
	VU#738518. The Common Vulnerabilities and Exposures project
	(cve.mitre.org) has assigned the following name CAN-2003-0989
	to this issue. 

2. Vulnerable Supported Versions

	System				Binaries
	----------------------------------------------------------------------
	UnixWare 7.1.3up		/usr/sbin/tcpdump	

3. Solution

	The proper solution is to install the latest packages.


4. UnixWare 7.1.3up

	4.1 Location of Fixed Binaries

	ftp://ftp.sco.com/pub/unixware7/713/uw713up/

	4.2 Verification

	4e9ca2c8b0ea102ceb56a7061fd2a8e1  uw713up4CDimage.iso
	0ba3e06b8b9b2a1c77b9c9f90740f0db  uw713up4scoxCDimage.iso
	ecc8c95d093352fbdb353fefa2a7f01d  uw714CD3image.iso
	1273f2719d5629e30c90f6ac890d8be2  uw714udkCDimage.iso
	c7a7d80de62ca1ef05dd0531f31c773b  scox-wss.iso

	md5 is available for download from
		ftp://ftp.sco.com/pub/security/tools

	4.3 Installing Fixed Binaries

	Please refer to the release notes for installation instructions
	that are located in the same directory as the fixed binaries.

	relnotes-up4.html
	relnotes-up4.txt
	relnotes-up4.pdf

	relnotes-scox-wss.txt
	relnotes-scox-wss.html

	relnotes-udk.txt
	relnotes-udk.html

5. References

	Specific references for this advisory:
		http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0055 
		http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0989 
		http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0057
		http://www.kb.cert.org/vuls/id/174086
		http://www.kb.cert.org/vuls/id/738518
		http://www.kb.cert.org/vuls/id/955526

	SCO security resources:
		http://www.sco.com/support/security/index.html
	SCO security advisories via email
		http://www.sco.com/support/forums/security.html

	This security fix closes SCO incidents sr889195 fz528784
	erg712544.


6. Disclaimer

	SCO is not responsible for the misuse of any of the information
	we provide on this web site and/or through our security
	advisories. Our advisories are a service to our customers
	intended to promote secure installation and use of SCO
	products.

______________________________________________________________________________

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (SCO/UNIX_SVR5)

iD8DBQFBCBFnaqoBO7ipriERAlrEAJ0bcfYHrVxRo/6afuhyWmHpJmbx+wCgkvio
jGTwdQn9Sw5fyrf7BC/7e2g=
=2Spz
-----END PGP SIGNATURE-----


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ