Date: Fri, 11 Oct 2002 16:08:15 -0700
From: [email protected]
To: [email protected], [email protected],
Subject: Security Update: [CSSA-2002-SCO.39] OpenServer 5.0.5 OpenServer 5.0.6 : Buffer Overflow in Multiple DNS Resolver Libraries
--FCuugMFkClbJLl1L
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
To: [email protected][email protected][email protected][email protected]
______________________________________________________________________________
SCO Security Advisory
Subject: OpenServer 5.0.5 OpenServer 5.0.6 : Buffer Overflow in Multiple DNS Resolver Libraries
Advisory number: CSSA-2002-SCO.39
Issue date: 2002 October 11
Cross reference:
______________________________________________________________________________
1. Problem Description
From CERT CA-2002-19: A buffer overflow vulnerability exists
in multiple implementations of DNS resolver libraries.
Operating systems and applications that utilize vulnerable
DNS resolver libraries may be affected. A remote attacker
who is able to send malicious DNS responses could potentially
exploit this vulnerability to execute arbitrary code or
cause a denial of service on a vulnerable system.
2. Vulnerable Supported Versions
System Binaries
----------------------------------------------------------------------
OpenServer 5.0.5 /etc/named
/etc/named-xfer
/etc/dig
/etc/host
/etc/nsupdate
/etc/dnsquery
/etc/addr
/etc/dnskeygen
/etc/ndc
/usr/bin/nslookup
/usr/lib/libresolv.so.1
/usr/lib/libresolv.so
/usr/lib/libsocket.so.2
/usr/lib/libp/libresolv.so.1
/usr/lib/libp/libresolv.so
/usr/lib/libp/libsocket.so.2
/usr/lib/libp/libresolv.a
/usr/lib/libp/libsocket.a
/usr/lib/libresolv.a
/usr/lib/libsocket.a
/usr/include/arpa/nameser.h
/usr/include/resolv.h
/usr/include/netdb.h
/usr/include/rpc/raw.h
OpenServer 5.0.6 /etc/named
/etc/named-xfer
/etc/dig
/etc/host
/etc/nsupdate
/etc/dnsquery
/etc/addr
/etc/dnskeygen
/etc/ndc
/usr/bin/nslookup
/usr/lib/libresolv.so.1
/usr/lib/libresolv.so
/usr/lib/libsocket.so.2
/usr/lib/libp/libresolv.so.1
/usr/lib/libp/libresolv.so
/usr/lib/libp/libsocket.so.2
/usr/lib/libp/libresolv.a
/usr/lib/libp/libsocket.a
/usr/lib/libresolv.a
/usr/lib/libsocket.a
/usr/include/arpa/nameser.h
/usr/include/resolv.h
/usr/include/netdb.h
/usr/include/rpc/raw.h
3. Solution
The proper solution is to install the latest packages.
4. OpenServer 5.0.5
4.1 Location of Fixed Binaries
ftp://ftp.caldera.com/pub/updates/OpenServer/CSSA-2002-SCO.39
4.2 Verification
MD5 (VOL.000.000) = e2521962d5f6004c7c4a78c149806123
MD5 (VOL.001.000) = 4ee7bee645809f331d18f8ce27e72e82
md5 is available for download from
ftp://ftp.sco.com/pub/security/tools
4.3 Installing Fixed Binaries
Upgrade the affected binaries with the following commands:
1) Download the VOL* files to the /tmp directory
Run the custom command, specify an install from media images,
and specify the /tmp directory as the location of the images.
5. OpenServer 5.0.6
5.1 Location of Fixed Binaries
ftp://ftp.caldera.com/pub/updates/OpenServer/CSSA-2002-SCO.39
5.2 Verification
MD5 (VOL.000.000) = e2521962d5f6004c7c4a78c149806123
MD5 (VOL.001.000) = 4ee7bee645809f331d18f8ce27e72e82
md5 is available for download from
ftp://ftp.sco.com/pub/security/tools
5.3 Installing Fixed Binaries
Upgrade the affected binaries with the following commands:
1) Download the VOL* files to the /tmp directory
Run the custom command, specify an install from media images,
and specify the /tmp directory as the location of the images.
6. References
Specific references for this advisory:
http://www.cert.org/advisories/CA-2002-19.htmlhttp://www.pine.nl/advisories/pine-cert-20020601.asc
SCO security resources:
http://www.sco.com/support/security/index.html
This security fix closes SCO incidents sr866550, fz521495,
erg501625.
7. Disclaimer
SCO is not responsible for the misuse of any of the information
we provide on this website and/or through our security
advisories. Our advisories are a service to our customers
intended to promote secure installation and use of SCO
products.
8. Acknowledgements
Joost Pol <[email protected]> discovered and researched this
vulnerability.
______________________________________________________________________________
--FCuugMFkClbJLl1L
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (SCO_SV)
Comment: For info see http://www.gnupg.org
iEYEARECAAYFAj2nWd8ACgkQaqoBO7ipriHMPQCfeQBYo6wPLq6VldRwfLbAxPbU
GQcAnA0rn9I5vNz+UE0SfodOZ7GU0LRu
=ZH+j
-----END PGP SIGNATURE-----
--FCuugMFkClbJLl1L--
