Date: Thu, 7 Feb 2002 11:55:05 -0800
From: security@caldera.com
To: bugtraq@securityfocus.com, announce@lists.caldera.com,
Subject: Security Update: [CSSA-2002-SCO.3] UnixWare 7: message catalog environment variable vulnerability
--AhhlLboLdkugWU4S
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
To: bugtraq@securityfocus.com announce@lists.caldera.com scoannmod@xenitec.=
on.ca
___________________________________________________________________________
Caldera International, Inc. Security Advisory
Subject: UnixWare 7: message catalog environment variable vulnerability
Advisory number: CSSA-2002-SCO.3
Issue date: 2002 February 7
Cross reference:
___________________________________________________________________________
1. Problem Description
=09
The library functions that manipulated message catalogs could
be subverted via environment variables to use a user's own
message catalogs, possibly causing a set{uid,gid} program to
memory fault, allowing the possibility of a privilege
escalation vulnerability.
2. Vulnerable Supported Versions
Operating System Version Affected Files
------------------------------------------------------------------
UnixWare 7 7.1.1 /usr/lib/libc.so.1
3. Workaround
None.
4. UnixWare 7
4.1 Location of Fixed Binaries
ftp://stage.caldera.com/pub/security/unixware/CSSA-2002-SCO.3/
4.2 Verification
MD5 (erg711179.Z) =3D 89b893bc581c8b9601a95a9271268c47
md5 is available for download from
ftp://stage.caldera.com/pub/security/tools/
4.3 Installing Fixed Binaries
Upgrade the affected binaries with the following commands:
Download erg711179.Z to the /tmp directory
# uncompress /tmp/erg711179.Z
# pkgadd -d /tmp/erg711179
5. References
This and other advisories are located at
http://stage.caldera.com/support/security
This advisory addresses Caldera Security internal incidents
sr859904, fz512992, erg711179.
6. Disclaimer
Caldera International, Inc. is not responsible for the misuse
of any of the information we provide on our website and/or
through our security advisories. Our advisories are a service
to our customers intended to promote secure installation and
use of Caldera International products.
7. Acknowledgements
Caldera would like to thank jggm JeGalGhongMyeung
<jggm@mail.com> for the discovery and research of this
vulnerability.
___________________________________________________________________________
--AhhlLboLdkugWU4S
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (SCO_SV)
Comment: For info see http://www.gnupg.org
iEYEARECAAYFAjxi25kACgkQaqoBO7ipriGQBQCghzgoYxvUHTRwBdH3nhXGiQ62
MlUAn1ScEfmM86chBuHh8vdP7vRtKxGv
=ZW9C
-----END PGP SIGNATURE-----
--AhhlLboLdkugWU4S--
