Bugtraq mailing list archives

Security Update: [CSSA-2002-SCO.17] OpenServer 5.0.5 : sar -o buffer overflow

From: security () caldera com
Date: Wed, 1 May 2002 18:03:15 -0700

To: bugtraq () securityfocus com announce () lists caldera com scoannmod () xenitec on ca


______________________________________________________________________________

                Caldera International, Inc.  Security Advisory

Subject:                OpenServer 5.0.5 : sar -o buffer overflow
Advisory number:        CSSA-2002-SCO.17
Issue date:             2002 May 01
Cross reference:
______________________________________________________________________________


1. Problem Description

        If the /usr/bin/sar command is given an exceedingly long
        argument to the o option, it will memory fault. This could
        allow a malicious user to elevate their permissions.


2. Vulnerable Supported Versions

        System                          Binary
        ----------------------------------------------------------------------
        OpenServer 5.0.5                /usr/bin/sar
                                        /usr/lib/sa/sadc
                                        /usr/bin/cpusar
                                        /usr/bin/mpsar

3. Solution

        The proper solution is to install the latest packages.


4. OpenServer 5.0.5

        4.1 Location of Fixed Binaries

        ftp://stage.caldera.com/pub/security/openserver/CSSA-2002-SCO.17


        4.2 Verification

        MD5 (VOL.000.000) = f912fe801263863956c257c4ef395570

        md5 is available for download from
                ftp://stage.caldera.com/pub/security/tools/


        4.3 Installing Fixed Binaries

        Upgrade the affected binaries with the following commands:

        1) Download the VOL* files to the /tmp directory

        Run the custom command, specify an install from media images,
        and specify the /tmp directory as the location of the images.


5. References

        Specific references for this advisory:
                none

        Caldera UNIX security resources:
                http://stage.caldera.com/support/security/

        Caldera OpenLinux security resources:
                http://www.caldera.com/support/security/index.html

        This security fix closes Caldera incidents sr862424, fz520480,
        erg712003.


6. Disclaimer

        Caldera International, Inc. is not responsible for the
        misuse of any of the information we provide on this website
        and/or through our security advisories. Our advisories are
        a service to our customers intended to promote secure
        installation and use of Caldera products.


7. Acknowledgements

        Caldera would like to thank KF <dotslash () snosoft com> for
        discovering this problem, researching it, and alerting us.
        And being patient, too.

______________________________________________________________________________

Attachment: _bin
Description:

Current thread:

Security Update: [CSSA-2002-SCO.17] OpenServer 5.0.5 : sar -o buffer overflow security (May 02)