nmap vs. inetd on Caldera (ex-SCO) OpenServer, Re: DoS bug on Tru64

[Bela Lubkin <belal () caldera com>]

Jethro Rose wrote:

> I am unsure if it is a known problem (I'm fairly new to this list), however 
> I managed to cause our SCO OpenServer 5.0 box to exhibit similar behavior, 
> by simply running nmap (out of curiosity) against it with:
>
> nmap -v -v -O <ip of sco box>
>
> This was some time ago - I just put it down to SCO's dodgy per-connection 
> licensing scheme and made a mental note to not scan that box - we didn't 
> have a console available (only way into it via telnetd), so I couldn't 
> verify whether or not it was only inetd that crashed.

See ftp://stage.caldera.com/pub/security/openserver/CSSA-2001-SCO.33/
for a corrected inetd binary.

"5.0" isn't a precise OpenServer version number, versions have been
5.0.0, 5.0.2, 5.0.4, 5.0.5, 5.0.6.  Run `uname -X` to get the precise
version.

The above fix is labeled for 5.0.5 only (fixed in 5.0.6), but I believe
the binary will work on 5.0.0 and later if you install a shared library
update, ftp://stage.caldera.com/pub/security/openserver/CSSA-2001-SCO.10/.

> Bela<