Date: Mon, 16 Apr 2001 16:48:00 -0700
From: Albert Fu <[email protected]>
To: [email protected]
Subject: SSE074: (SCO) UnixWare 7 NTP buffer overflow fix
---------------------------------------------------
TOPIC: NTP remote buffer overflow
PRODUCTS AFFECTED: UnixWare 7.1.0 and 7.1.1
PATCH: System Security Enhancement (SSE) SSE074
PATCH LOCATION: ftp://ftp.sco.com/SSE/sse074.Z
ftp://ftp.sco.com/SSE/sse074.ltr
SUMMARY: potentially exploitable buffer overflow fixed by SSE074
DATE: April 16, 2001
---------------------------------------------------
NOTE: SSE073, released last week, is for SCO OpenServer 5.
---------------------------------------------------
Attachment: sse074.ltr
---------------------------------------------------
System Security Enhancement (SSE) SSE074 - 16-April-2001
Dear SCO Customer,
System Security Enhancement sse074, the NTP buffer overflow fix, addresses the
following problem:
Problem Fixed
-------------
A remotely triggerable buffer overflow was found by Przemyslaw Frasunek
<[email protected]> in the NTP daemon (in.xntpd on UnixWare 7).
Full exploit details can be found in the BUGTRAQ archive:
http://www.securityfocus.com/archive/1/174011
Contents
--------
/usr/sbin/in.xntpd
/usr/sbin/ntp_authspeed
/usr/sbin/ntpdate
/usr/sbin/ntpq
/usr/sbin/ntptrace
/usr/sbin/xntpdc
Checksums
---------
MD5 (sse074): ac29239a7fedca5aac20f637360c2af5
`sum -lr sse074`: 2869293884 727
Warning
-------
This is a fix package produced by SCO Escalations
and is not intended for general distribution.
It has been produced to address a particular problem
and has not been tested in all system configurations.
Software Notes and Recommendations
----------------------------------
sse074 should only be installed on:
UnixWare 7.1.0 or 7.1.1
If your system is running any libraries or commands that are
contained in this patch, those processes will continue to run
with the old versions of these libraries or commands until they are
restarted or the system is rebooted. In particular, a running
in.xntpd daemon keeps the vulnerable code in memory until it is
stopped and started again; replacing the binary on disk alone does
not close the hole.
Note that when all necessary patches have been installed, it is
good practice to reboot the system at the earliest opportunity.
This will ensure that no programs continue to run with the old
libraries or commands.
Installation Instructions
-------------------------
1. Download the sse074.Z file to the /tmp directory on your machine.
2. As root, uncompress the file and add the package to your system
using these commands:
$ su
Password: <type your root password>
# uncompress /tmp/sse074.Z
# pkgadd -d /tmp/sse074
# rm /tmp/sse074
Alternatively, this patch package may be installed in quiet mode,
that is, without displaying the release notes and asking for
confirmation. To do this, use these commands:
$ su
Password: <type your root password>
# uncompress /tmp/sse074.Z
# pkgadd -qd /tmp/sse074 all
# rm /tmp/sse074
3. There is no need to reboot the system after installing this package,
but the running in.xntpd daemon must be restarted (or the system
rebooted) so that the fixed binary is the one actually serving requests.
The release notes displayed prior to installation can be found in:
/var/sadm/pkg/sse074/install/sse074.txt
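Because the package is added as root, a practitioner would want to confirm that the file downloaded from the FTP site is the one SCO published before running pkgadd. The following shell script is an added example, not part of SCO's letter: it wraps the install steps above so that pkgadd only runs if the MD5 of the uncompressed package matches the value from the Checksums section. The md5_of helper picks whichever digest tool the host has (md5sum, md5 or openssl); the install_sse074 function is defined but not invoked, since it is only meaningful as root on UnixWare 7.1.0 or 7.1.1.

```shell
#!/bin/sh
# Added example (not from SCO's advisory): verify sse074 against the
# published MD5 before handing it to pkgadd.

# Expected MD5 of the uncompressed package, copied from the Checksums section.
SSE074_MD5="ac29239a7fedca5aac20f637360c2af5"

# md5_of FILE: print the hex MD5 digest of FILE using whatever tool exists.
md5_of() {
    if command -v md5sum >/dev/null 2>&1; then
        md5sum "$1" | cut -d' ' -f1
    elif command -v md5 >/dev/null 2>&1; then
        md5 -q "$1"
    else
        openssl dgst -md5 "$1" | sed 's/.*= //'
    fi
}

# verify_md5 FILE EXPECTED: return 0 if the digest matches, 1 otherwise.
verify_md5() {
    actual=$(md5_of "$1")
    if [ "$actual" = "$2" ]; then
        return 0
    fi
    echo "checksum mismatch for $1: expected $2, got $actual" >&2
    return 1
}

# install_sse074: the advisory's quiet-mode install, gated on the checksum.
# Assumes sse074.Z has been downloaded to /tmp and that we are root.
install_sse074() {
    uncompress /tmp/sse074.Z &&
    verify_md5 /tmp/sse074 "$SSE074_MD5" &&
    pkgadd -qd /tmp/sse074 all &&
    rm /tmp/sse074
}
```

On the UnixWare host itself, `sum -lr /tmp/sse074` should additionally print the `2869293884 727` value from the letter; that option combination is not portable to other systems, so the script checks only the MD5.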
Removal Instructions
--------------------
1. As root, remove the package using these commands:
$ su
Password: <type your root password>
# pkgrm sse074
2. There is no need to reboot the system after removing this package.
If you have questions regarding this supplement, or the product on
which it is installed, please contact your software supplier.
References
----------
The vulnerability addressed in this patch was found by:
Przemyslaw Frasunek <[email protected]>
For more details, see the following BUGTRAQ archive:
http://www.securityfocus.com/archive/1/174011
Disclaimer
----------
SCO believes that this patch addresses the reported vulnerabilities.
However, in order that it be released as soon as possible, this patch
has not been fully tested or packaged to SCO's normal exacting
standards. For that reason, this patch is not officially supported.
Officially supported and packaged fixes for current SCO products will
be available in due course.