Bugtraq mailing list archives

CERT Vendor-Initiated Bulletin VB-96.15 - SCO Security Bulletin

From: cert-advisory () cert org (CERT Bulletin)
Date: Mon, 16 Sep 1996 23:43:35 -0500


-----BEGIN PGP SIGNED MESSAGE-----

=============================================================================
CERT(sm) Vendor-Initiated Bulletin VB-96.15
September 16, 1996

Topic: Patch for system call security issue
Source: The Santa Cruz Operation

To aid in the wide distribution of essential security information, the CERT
Coordination Center is forwarding the following information from The Santa
Cruz Operation. They urge you to act on this information as soon as possible.
Contact information for The Santa Cruz Operation is included in the forwarded
text below; please contact them if you have any questions or need further
information.

Please note that The Santa Cruz Operation intends to update this
bulletin as new information becomes available. Please check their
server from time to time for updates to this file:

     ftp://ftp.sco.COM/SSE/security_bulletins/SB.96:02a


=======================FORWARDED TEXT STARTS HERE============================

===========================================================================
SCO Security Bulletin 96:002
September 4, 1996
Patch for system call security issue
- ---------------------------------------------------------------------------

The Santa Cruz Operation has discovered the following problem present in
our software:

I.   Description

     A problem in a particular system call may allow unauthorized
     access to the system. The resulting access may lead to unauthorized
     root access to the system.

II.  Impact

     Any user with an account on the system may be able to gain
     unauthorized access to system or user files, which may then lead to
     unauthorized root access.

III. Releases

     This problem exists on the following releases of SCO products:

        SCO(R) UnixWare(R) release 2.0.x and 2.1.0

IV. Solution

     SCO is providing Program Temporary Fix (PTF) 3063 to address the
     issue. This PTF is available for SCO UnixWare release 2.1.0. SCO intends
     to release a PTF for SCO UnixWare release 2.0.3 in the near future.

     A workaround for users of SCO UnixWare release 2.0.x or for those
     who are not yet able to install this PTF follows:

     As root, execute these commands on the system console:

        # /etc/conf/bin/idtune -f RSTCHOWN 1
        # /etc/conf/bin/idbuild -B
        # init 6

     This procedure sets a kernel parameter that prevents the problem from
     occuring, relinks the kernel, and reboots the system.

You can download the PTF as follows:

Anonymous ftp   (World Wide Web URL)
- -------------

        ftp://ftp.sco.COM/UW21/ptf3063.Z     (patch image, compressed)
        ftp://ftp.sco.COM/UW21/ptf3063.txt   (cover letter/installation notes)

Compuserve
- ----------

PTF 3063 is also available in the UNIXWARE forum on Compuserve.


SCO Online Support (SOS) BBS
- ----------------------------

PTF 3063 can also be downloaded interactively via X, Y, or Z MODEM or Kermit,
using the SCO Online Support System (SOS). Follow the menus selections under
"Toolchest" from the main SOS menu.

The phone numbers available for interactive transfer from SOS are:

1-408-426-9495                  (USA)
+44 (0)1923 210 888             (United Kingdom)

Checksums
- ---------

MD5
- ---

MD5 (ptf3063.Z) = 1093420123c9bff603bd3c32a3867dcd
MD5 (ptf3063.txt) = 0ffa24e5e0d9a8caf8f4076149d782c3

sum -r (on UnixWare)
- ------

48571   391 ptf3063.Z
20546     3 ptf3063.txt

This bulletin is available for anonymous ftp download from
ftp://ftp.sco.COM/SSE/security_bulletins/SB.96:02a, and will be updated
as new information becomes available.

If you have further questions, contact your support provider.  If you
need to contact SCO, please send electronic mail to support () sco COM, or
contact SCO as follows.

        USA/Canada: 6am-5pm Pacific Daylight Time (PDT)
        -----------
        1-800-347-4381  (voice)
        1-408-427-5443  (fax)

        Pacific Rim, Asia, and Latin American customers: 6am-5pm Pacific
        ------------------------------------------------ Daylight Time
                                                         (PDT)
        1-408-425-4726  (voice)
        1-408-427-5443  (fax)

        Europe, Middle East, Africa: 9am-5:30pm Greenwich Mean Time (GMT)
        ----------------------------
        +44 (0)1923 816344 (voice)
        +44 (0)1923 817781 (fax)



========================FORWARDED TEXT ENDS HERE=============================

If you believe that your system has been compromised, contact the CERT
Coordination Center or your representative in the Forum of Incident Response
and Security Teams (FIRST).

We strongly urge you to encrypt any sensitive information you send by email.
The CERT Coordination Center can support a shared DES key and PGP. Contact
the CERT staff for more information.

Location of CERT PGP key
         ftp://info.cert.org/pub/CERT_PGP.key


CERT Contact Information
- ------------------------
Email    cert () cert org

Phone    +1 412-268-7090 (24-hour hotline)
                CERT personnel answer 8:30-5:00 p.m. EST
                (GMT-5)/EDT(GMT-4), and are on call for
                emergencies during other hours.

Fax      +1 412-268-6989

Postal address
        CERT Coordination Center
        Software Engineering Institute
        Carnegie Mellon University
        Pittsburgh PA 15213-3890
        USA

CERT publications, information about FIRST representatives, and other
security-related information are available from
        http://www.cert.org/
        ftp://info.cert.org/pub/

CERT advisories and bulletins are also posted on the USENET newsgroup
        comp.security.announce

To be added to our mailing list for CERT advisories and bulletins, send your
email address to
        cert-advisory-request () cert org


CERT is a service mark of Carnegie Mellon University.

This file: ftp://info.cert.org/pub/cert_bulletins/VB-96.15.sco



-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMj14SXVP+x0t4w7BAQHLxAP+L6U21ViaGXeIHNTSDHhOC+cZdXL+TLrP
MdEPugWAHDCOUXxZuYo49jYobJ+cO3nqyw+gqi5clZOaWJ7ChM1pWBiD1Abuu3hi
Y39yBKFmJ7Ra3Zvbk/GLEcpShp+5YRUPmF6Lenf3nfze6WmXUUKXm12YKq5Gt8hB
J64cQEpOvoE=
=kg5h
-----END PGP SIGNATURE-----

Current thread:

Re: SecurID White Paper - A Comment Vin McLellan (Sep 10)
- Re: SecurID White Paper - A Comment Adam Shostack (Sep 10)
- Re: SecurID White Paper - A Comment Alan Cox (Sep 11)
- <Possible follow-ups>
- Re: SecurID White Paper - A Comment Mike Neuman (Sep 11)
- Re: SecurID White Paper - A Comment Vin McLellan (Sep 13)
  - Re: SecurID White Paper - A Comment Alan Cox (Sep 16)
    - Re: SecurID White Paper - A Comment carson () lehman com (Sep 16)
    - Vunerability in HP SAM ? John W. Jacobi (Sep 16)
    - Re: SecurID White Paper - A Comment Elliot Lee (Sep 16)
    - CERT Vendor-Initiated Bulletin VB-96.15 - SCO Security Bulletin CERT Bulletin (Sep 16)
  - Re: SecurID White Paper - A Comment What we're dealing with here is a blatant disrespect of the law! (Sep 16)
  - SecurID Peiter Z (Sep 17)
- Re: SecurID White Paper - A Comment Vin McLellan (Sep 16)