To: firstname.lastname@example.org email@example.com firstname.lastname@example.org
Caldera International, Inc. Security Advisory
Subject: OpenServer: dlvr_audit: exploitable buffer overflow Advisory number: CSSA-2002-SCO.8 Issue date: 2002 March 11 Cross reference:
The dlvr_audit command has an exploitable buffer overflow that can be used by a malicious user to become root.
Vulnerable Supported Versions
Operating System Version Affected Files ------------------------------------------------------------------ OpenServer 5.0.5, 5.0.6 /etc/auth/dlvr_audit This has already been fixed in OpenServer 5.0.6a.
4.1 Location of Fixed Binaries
MD5 (oss645a) = ebfbb4d2931fb83e8ccc2390868bb11f md5 is available for download from ftp://stage.caldera.com/pub/security/tools/
4.3 Installing Fixed Binaries
Upgrade the affected binaries with the following commands: *************** IMPORTANT NOTE: You MUST first install "SLS OSS640A: BIND Update" before attempting to install this SLS. SLS OSS640A installs files that are necessary for OSS645A (this SLS) to function properly. *************** 1. Download the OSS645A media image file (ftp.caldera.com/pub/openserver5/oss645a), place the file in the /tmp directory and rename the file by typing these commands: mv /tmp/oss645a /tmp/VOL.000.000 2. Run the Software Manager with the command: # scoadmin software or double-click on the Software Manager icon in the desktop. 3. Pull down the "Software" menu and select "Install New". 4. When prompted for the host from which to install, choose the local machine and then "Continue". 5. In the "Select Media" menu, pull down the "Media Device" menu. Select "Media Images", then choose "Continue". 6. When prompted for the "Image Directory", enter "/tmp" (or the directory where you placed the VOL file in step 1) and choose "OK". 7. When prompted to select software to install, make sure that the "OSS645A: Audit Subsystem Security Supplement" entry is highlighted. Choose "Install". 8. Installation of SLS OSS645A is now complete. To exit the Software Manager, select "Exit" from the "Host" menu.
ftp://stage.caldera.com/pub/security/openserver/CSSA-2002-SCO.8/ This and other advisories are located at http://stage.caldera.com/support/security This advisory addresses Caldera Security internal incidents erg377672, SCO-247-295.
Caldera International, Inc. is not responsible for the misuse of any of the information we provide on our website and/or through our security advisories. Our advisories are a service to our customers intended to promote secure installation and use of Caldera International products.
This vulnerability was discovered and researched by Tomasz Kusmeirz.