From sco-security@caldera.com Wed Oct 3 08:37:35 2001 From: sco-security@caldera.com To: bugtraq@securityfocus.com, security-announce@lists.securityportal.com, an=@caldera.com Date: Mon, 1 Oct 2001 10:58:05 -0700 Subject: Security Update: [CSSA-2001-SCO.21] Open Unix, UnixWare 7: dtaction argument buffer overflow To: bugtraq@securityfocus.com security-announce@lists.securityportal.com announce@lists.caldera.com scoannmod@xenitec.on.ca ___________________________________________________________________________ Caldera International, Inc. Security Advisory Subject: Open Unix, UnixWare 7: dtaction argument buffer overflow Advisory number: CSSA-2001-SCO.21 Issue date: 2001 October 1 Cross reference: ___________________________________________________________________________ 1. Problem Description Very long arguments to the dtaction command cause an argument buffer overflow. This could be used by an unauthorized user to gain privilege. 2. Vulnerable Versions Operating System Version Affected Files ------------------------------------------------------------------ UnixWare 7 All /usr/dt/bin/dtaction Open Unix 8.0.0 /usr/dt/bin/dtaction 3. Workaround None. 4. UnixWare 7 4.1 Location of Fixed Binaries ftp://stage.caldera.com/pub/security/openunix/CSSA-2001-SCO.21/ 4.2 Verification md5 checksums: 73300a4b513babf273c56ff67a4ff60e dtaction.Z md5 is available for download from ftp://stage.caldera.com/pub/security/tools/ 4.3 Installing Fixed Binaries Upgrade the affected binaries with the following commands: # mv /usr/dt/bin/dtaction /usr/dt/bin/dtaction- # uncompress /tmp/dtaction.Z # cp dtaction /usr/dt/bin # cd /usr/dt/bin # chown root dtaction # chgrp sys dtaction # chmod 6555 dtaction 5. References This and other advisories are located at http://stage.caldera.com/support/security This advisory addresses Caldera Security internal incident sr847409. 6. Disclaimer Caldera International, Inc. is not responsible for the misuse of any of the information we provide on our website and/or through our security advisories. Our advisories are a service to our customers intended to promote secure installation and use of Caldera International products. 7. Acknowledgements Caldera International wishes to thank KF for discovering and reporting this problem. ___________________________________________________________________________ [Part 2, Application/PGP-SIGNATURE 245bytes] [Unable to print this part]