SECURITYVULNS:DOC:3669
Oct 23, 2002 - 12:00 a.m.

Security Update: [CSSA-2002-SCO.41] UnixWare 7.1.1 Open UNIX 8.0.0 : rcp of /proc causes denial-of-service


To: [email protected] [email protected] [email protected]
[email protected]


                    SCO Security Advisory

Subject: UnixWare 7.1.1 Open UNIX 8.0.0 : rcp of /proc causes
denial-of-service
Advisory number: CSSA-2002-SCO.41
Issue date: 2002 October 21
Cross reference:


  1. Problem Description

     An rcp of /proc by a normal user can cause the entire system
     to be unusable.
    
  2. Vulnerable Supported Versions

     System                          Binaries
     ----------------------------------------------------------------------
     UnixWare 7.1.1                  /etc/conf/pack.d/fs/Driver_atup.o
                                     /etc/conf/pack.d/fs/Driver_mp.o
     Open UNIX 8.0.0                 /etc/conf/pack.d/fs/Driver_atup.o
                                     /etc/conf/pack.d/fs/Driver_mp.o
    
  3. Solution

     The proper solution is to install the latest packages.
    
  4. UnixWare 7.1.1

     4.1 Location of Fixed Binaries
    
     ftp://ftp.sco.com/pub/updates/OpenUNIX/CSSA-2002-SCO.41
    
    
     4.2 Verification
    
     MD5 (erg712112c.pkg.Z) = 106da290e2483bc7aba11d7f486b50c4
    
     md5 is available for download from
             ftp://ftp.sco.com/pub/security/tools
    
    
     4.3 Installing Fixed Binaries
    
     Upgrade the affected binaries with the following sequence:
    
     Download erg712112c.pkg.Z to the /var/spool/pkg directory
    
     # uncompress /var/spool/pkg/erg712112c.pkg.Z
     # pkgadd -d /var/spool/pkg/erg712112c.pkg
    
  5. Open UNIX 8.0.0

     5.1 Location of Fixed Binaries
    
     ftp://ftp.sco.com/pub/updates/OpenUNIX/CSSA-2002-SCO.41
    
    
     5.2 Verification
    
     MD5 (erg712112d.pkg.Z) = b0e485feccbbe76aefb4061f9b7e6192
    
     md5 is available for download from
             ftp://ftp.sco.com/pub/security/tools
    
    
     5.3 Installing Fixed Binaries
    
     Upgrade the affected binaries with the following sequence:
    
     Download erg712112d.pkg.Z to the /var/spool/pkg directory
    
     # uncompress /var/spool/pkg/erg712112d.pkg.Z
     # pkgadd -d /var/spool/pkg/erg712112d.pkg
    
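One way to script the verification and install steps from sections 4 and 5, as an added example that is not part of the SCO advisory. The function names are hypothetical, and the choice of checksum tool (md5sum, md5, or openssl) is an assumption about what is installed.

```shell
#!/bin/sh
# Added example (not SCO's code): gate the advisory's install steps on its MD5.
# Function names below are hypothetical.

# Checksum lines copied from sections 4.2 and 5.2 of the advisory.
ADVISORY_MD5='MD5 (erg712112c.pkg.Z) = 106da290e2483bc7aba11d7f486b50c4
MD5 (erg712112d.pkg.Z) = b0e485feccbbe76aefb4061f9b7e6192'

# md5_of FILE: print the hex digest using whichever tool is installed.
# Assumption: md5sum, an md5 that prints "MD5 (file) = hash", or openssl.
md5_of() {
    if command -v md5sum >/dev/null 2>&1; then
        md5sum "$1" | awk '{ print $1 }'
    elif command -v md5 >/dev/null 2>&1; then
        md5 "$1" | awk '{ print $NF }'
    else
        openssl md5 "$1" | awk '{ print $NF }'
    fi
}

# verify_pkg FILE [MANIFEST]: 0 = match, 1 = mismatch, 2 = cannot check.
verify_pkg() {
    file=$1
    manifest=${2:-$ADVISORY_MD5}
    name=$(basename "$file")
    # Find the "MD5 (name) = hash" line for exactly this file name.
    want=$(printf '%s\n' "$manifest" | awk -v n="($name)" \
        '$1 == "MD5" && $2 == n && $3 == "=" { print tolower($4); exit }')
    case $want in
        ''|*[!0-9a-f]*) echo "no usable checksum for $name" >&2; return 2 ;;
    esac
    [ ${#want} -eq 32 ] || { echo "bad checksum length for $name" >&2; return 2; }
    [ -f "$file" ] || { echo "missing file: $file" >&2; return 2; }
    got=$(md5_of "$file" | tr 'A-F' 'a-f')
    if [ "$got" != "$want" ]; then
        echo "MISMATCH $name: expected $want, got $got" >&2
        return 1
    fi
    echo "OK $name"
}

# install_fixed_pkg FILE.pkg.Z: run the advisory's two commands only after
# the download matches the published checksum.
install_fixed_pkg() {
    verify_pkg "$1" || return
    uncompress "$1" && pkgadd -d "${1%.Z}"
}
```

A mismatch, a missing file, or a file name with no checksum line in the advisory stops the sequence before uncompress and pkgadd run.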
  6. References

     Specific references for this advisory:
             http://mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1231
    
     SCO security resources:
             http://www.sco.com/support/security/index.html
    
     This security fix closes SCO incidents sr868418, fz525927,
     erg712112.
    
  7. Disclaimer

     SCO is not responsible for the misuse of any of the information
     we provide on this website and/or through our security
     advisories. Our advisories are a service to our customers
     intended to promote secure installation and use of SCO
     products.
    
