lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20051020154619.A5402@caldera.com>
Date: Thu, 20 Oct 2005 15:46:19 -0700
From: please_reply_to_security@....com
To: security-announce@...t.sco.com, bugtraq@...urityfocus.com,
	full-disclosure@...ts.grok.org.uk
Subject: UnixWare 7.1.4 UnixWare 7.1.3 : ppp buffer
	overflow



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


______________________________________________________________________________

			SCO Security Advisory

Subject:		UnixWare 7.1.4 UnixWare 7.1.3 : ppp buffer overflow
Advisory number: 	SCOSA-2005.41
Issue date: 		2005 October 20
Cross reference:	sr894991 fz532994 erg712940 CAN-2005-2927
______________________________________________________________________________


1. Problem Description

	iDEFENSE has identified a Buffer Overflow vulnerability in
	SCO Unixware ppp prompt. Local exploitation of a buffer
	overflow vulnerability in the ppp binary, allows attackers 
	to gain root privileges. 

	This could lead to the execution of arbitrary code with root
	privileges, as ppp is setuid root by default. 

	The Common Vulnerabilities and Exposures project (cve.mitre.org) 
	has assigned the following name CAN-2005-2927 to this issue.

2. Vulnerable Supported Versions

	System				Binaries
	----------------------------------------------------------------------
	UnixWare 7.1.4 			/usr/bin/ppptalk
	UnixWare 7.1.3 			/usr/bin/ppptalk

3. Solution

	The proper solution is to install the latest packages.

4. UnixWare 7.1.4

	4.1 Location of Fixed Binaries

	ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.41

	4.2 Verification

	MD5 (erg712940.uw714.pkg.Z) = d47a9958e6dfd44c9b95e1d9489011f4

	md5 is available for download from
		ftp://ftp.sco.com/pub/security/tools

	4.3 Installing Fixed Binaries

	Upgrade the affected binaries with the following sequence:

	Download erg712940.uw714.pkg.Z to the /var/spool/pkg directory

	# uncompress /var/spool/pkg/erg712940.uw714.pkg.Z
	# pkgadd -d /var/spool/pkg/erg712940.uw714.pkg


5. UnixWare 7.1.3

	5.1 Location of Fixed Binaries

	ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.41

	5.2 Verification

	MD5 (erg712940.uw713.pkg.Z) = 474799fc2cda9db5c486880599e1cdcc

	md5 is available for download from
		ftp://ftp.sco.com/pub/security/tools

	5.3 Installing Fixed Binaries

	Upgrade the affected binaries with the following sequence:

	Download erg712940.uw713.pkg.Z to the /var/spool/pkg directory

	# uncompress /var/spool/pkg/erg712940.uw713.pkg.Z
	# pkgadd -d /var/spool/pkg/erg712940.uw713.pkg


6. References

	Specific references for this advisory:
		http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2927

	SCO security resources:
		http://www.sco.com/support/security/index.html

	SCO security advisories via email
		http://www.sco.com/support/forums/security.html

	This security fix closes SCO incidents sr894991 fz532994
	erg712940.


7. Disclaimer

	SCO is not responsible for the misuse of any of the information
	we provide on this website and/or through our security
	advisories. Our advisories are a service to our customers
	intended to promote secure installation and use of SCO
	products.


8. Acknowledgments

	The SCO Group would like to thank iDefense for discovering and
	reporting this weakness.

______________________________________________________________________________

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (SCO_SV)
Comment: For info see http://www.gnupg.org

iEYEARECAAYFAkNX5ZkACgkQaqoBO7ipriGOfQCgqXtzz8CfZImq2AYbNNRFHWf3
wxQAn3uS7ub+wfZ6/mmWiSrhqchVAHVP
=H1lb
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ