Date: Tue, 9 Oct 2001 10:55:26 -0700
From: [email protected]
To: [email protected], [email protected],
Subject: Security Update: [CSSA-2001-SCO.24] OpenServer: shell here-documents allow various security breaches
--5xSkJheCpeK0RUEJ
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
To: [email protected][email protected] an=
[email protected][email protected]
Do not reply to this mail. This security advisory is being sent from a
nonexistent address in order to avoid spam problems. Caldera's
contact address for UNIX security issues is [email protected].
___________________________________________________________________________
Caldera International, Inc. Security Advisory
Subject: OpenServer: shell here-documents allow various security breaches
Advisory number: CSSA-2001-SCO.24
Issue date: 2001 October 9
Cross reference:
___________________________________________________________________________
1. Problem Description
=09
Shell here-document processing is vulnerable to a variety of
security attacks.
2. Vulnerable Versions
Operating System Version Affected Files
------------------------------------------------------------------
OpenServer <=3D 5.0.6a /bin/sh
/sbin/sh
/bin/csh
/bin/ksh
/usr/bin/euc/ksh
/usr/lib/scosh/utilbin/oash
3. Workaround
None.
4. OpenServer
4.1 Location of Fixed Binaries
ftp://stage.caldera.com/pub/security/openserver/CSSA-2001-SCO.24/
4.2 Verification
md5 checksums:
=09
76a2c883b71361ebb1180169e849734b shells.tar.Z
md5 is available for download from
ftp://stage.caldera.com/pub/security/tools/
4.3 Installing Fixed Binaries
Upgrade the affected binaries with the following commands:
# uncompress /tmp/shells.tar.Z
# for i in /bin/csh /bin/ksh /bin/sh /sbin/sh /usr/bin/euc/ksh /usr/lib/sc=
osh/utilbin/oash
> do
> mv $i ${i}-
> done
# cd /
# tar xvf /tmp/shells.tar
5. References
http://www.kb.cert.org/vuls/id/10277
This and other advisories are located at
http://stage.caldera.com/support/security
This advisory addresses Caldera Security internal incident
sr847825.
6. Disclaimer
Caldera International, Inc. is not responsible for the misuse
of any of the information we provide on our website and/or
through our security advisories. Our advisories are a service
to our customers intended to promote secure installation and
use of Caldera International products.
7. Acknowledgements
The original discoverer of this vulnerability was Gordon Irlam
of the Univeristy of Adelaide, Australia.
=20
___________________________________________________________________________
--5xSkJheCpeK0RUEJ
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (SCO_SV)
Comment: For info see http://www.gnupg.org
iEYEARECAAYFAjvDOg4ACgkQaqoBO7ipriEZ5gCgqw6PTmWyX829EQhTduzUisvp
dHsAnAhnptmV2yzcB5vIPp76TimGf90R
=B8FQ
-----END PGP SIGNATURE-----
--5xSkJheCpeK0RUEJ--
