Security Update: [CSSA-2002-SCO.8] OpenServer: dlvr_audit: exploitable buffer overflow

2002-03-13T00:00:00
ID SECURITYVULNS:DOC:2631
Type securityvulns
Reporter Securityvulns
Modified 2002-03-13T00:00:00

Description

To: bugtraq@securityfocus.com announce@lists.caldera.com scoannmod@xenitec.on.ca


        Caldera International, Inc. Security Advisory

Subject:                OpenServer: dlvr_audit: exploitable buffer overflow
Advisory number:        CSSA-2002-SCO.8
Issue date:             2002 March 11
Cross reference:


  1. Problem Description

    The dlvr_audit command has an exploitable buffer overflow that
    can be used by a malicious user to become root.
    
  2. Vulnerable Supported Versions

    Operating System        Version         Affected Files
    ------------------------------------------------------------------
    OpenServer              5.0.5, 5.0.6    /etc/auth/dlvr_audit
    
    This has already been fixed in OpenServer 5.0.6a.
    
  3. Workaround

    None.
    
  4. OpenServer

4.1 Location of Fixed Binaries

    ftp://ftp.caldera.com/pub/openserver5/oss645a

4.2 Verification

    MD5 (oss645a) = ebfbb4d2931fb83e8ccc2390868bb11f

    md5 is available for download from
            ftp://stage.caldera.com/pub/security/tools/

4.3 Installing Fixed Binaries

    Upgrade the affected binaries with the following commands:

    ***************
    IMPORTANT NOTE:

    You MUST first install "SLS OSS640A: BIND Update" before
    attempting to install this SLS.  SLS OSS640A installs files
    that are necessary for OSS645A (this SLS) to function
    properly.

    ***************

    1. Download the OSS645A media image file
       (ftp.caldera.com/pub/openserver5/oss645a), place the file
       in the /tmp directory and rename the file by typing these
       commands:

          mv /tmp/oss645a /tmp/VOL.000.000

    2. Run the Software Manager with the command:

          # scoadmin software

       or double-click on the Software Manager icon in the
       desktop.

    3. Pull down the "Software" menu and select "Install New".

    4. When prompted for the host from which to install, choose
       the local machine and then "Continue".

    5. In the "Select Media" menu, pull down the "Media Device"
       menu.  Select "Media Images", then choose "Continue".

    6. When prompted for the "Image Directory", enter "/tmp" (or
       the directory where you placed the VOL file in step 1) and
       choose "OK".

    7. When prompted to select software to install, make sure that
       the "OSS645A: Audit Subsystem Security Supplement" entry is
       highlighted.  Choose "Install".

    8. Installation of SLS OSS645A is now complete.  To exit the
       Software Manager, select "Exit" from the "Host" menu.
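
As an added example (not part of the Caldera advisory), the following POSIX shell functions carry out the section 4.2 verification before the section 4.3 rename: they compute the downloaded image's MD5 with whichever tool is present (the `md5` command the advisory points to, which prints "MD5 (file) = digest", or GNU `md5sum`), compare it with the published digest, and stage the file as /tmp/VOL.000.000 only on a match. The function names are assumptions; the published digest and paths are the advisory's own.

```shell
#!/bin/sh
# Added example, not the advisory's own code: check the OSS645A media image
# against the digest published in section 4.2 before staging it for the
# Software Manager (section 4.3, step 1).

# Digest published by the advisory for the oss645a image.
OSS645A_MD5="ebfbb4d2931fb83e8ccc2390868bb11f"

# Print the MD5 of file $1 as 32 lowercase hex characters, using either
# GNU md5sum ("digest  file") or the BSD/SCO-style md5 ("MD5 (file) = digest").
md5_of() {
    if command -v md5sum >/dev/null 2>&1; then
        md5sum "$1" | awk '{print tolower($1)}'
    elif command -v md5 >/dev/null 2>&1; then
        md5 "$1" | awk '{print tolower($NF)}'
    else
        echo "no md5 tool found; fetch md5 from the advisory's tools URL" >&2
        return 2
    fi
}

# Return 0 if the digest of file $1 equals $2 (compared case-insensitively),
# 1 on mismatch, 2 if no digest could be computed.
verify_md5() {
    actual=$(md5_of "$1") || return 2
    expected=$(printf '%s' "$2" | tr 'A-Z' 'a-z')
    [ "$actual" = "$expected" ]
}

# Rename image $1 to $2 (the VOL.000.000 name the Software Manager expects)
# only if its digest matches $3; on mismatch the file is left untouched.
stage_sls_image() {
    if verify_md5 "$1" "$3"; then
        mv "$1" "$2"
    else
        echo "checksum mismatch for $1: refusing to stage it" >&2
        return 1
    fi
}

# Usage for the advisory's file locations:
# stage_sls_image /tmp/oss645a /tmp/VOL.000.000 "$OSS645A_MD5"
```
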

  5. References

    ftp://stage.caldera.com/pub/security/openserver/CSSA-2002-SCO.8/
    
    This and other advisories are located at
            http://stage.caldera.com/support/security
    
    This advisory addresses Caldera Security internal incidents
    erg377672, SCO-247-295.
    
  6. Disclaimer

    Caldera International, Inc. is not responsible for the misuse
    of any of the information we provide on our website and/or
    through our security advisories. Our advisories are a service
    to our customers intended to promote secure installation and
    use of Caldera International products.
    
  7. Acknowledgements

    This vulnerability was discovered and researched by Tomasz
    Kusmeirz.