Date: Mon, 11 Mar 2002 17:10:17 -0800
From: security@caldera.com
To: bugtraq@securityfocus.com, announce@lists.caldera.com,
Subject: Security Update: [CSSA-2002-SCO.9] OpenServer: IPFilter may incorrectly pass packets
--MfFXiAuoTsnnDAfZ
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
To: bugtraq@securityfocus.com announce@lists.caldera.com scoannmod@xenitec.=
on.ca=20
___________________________________________________________________________
Caldera International, Inc. Security Advisory
Subject: OpenServer: IPFilter may incorrectly pass packets
Advisory number: CSSA-2002-SCO.9
Issue date: 2002 March 11
Cross reference:
___________________________________________________________________________
1. Problem Description
When matching a packet fragment, insufficient checks were
performed to ensure the fragment is valid. Malicious remote
users may be able to bypass filtering rules, allowing them to
potentially circumvent the firewall.
2. Vulnerable Supported Versions
Operating System Version Affected Files
------------------------------------------------------------------
OpenServer <=3D 5.0.6a /etc/ipnat
/etc/ipfnat
/etc/conf/pack.d/ipl/Driver.o
/etc/ipmon
/etc/ipfstat
/etc/ipf
3. Workaround
None.
4. OpenServer
4.1 Location of Fixed Binaries
ftp://stage.caldera.com/pub/security/openserver/CSSA-2002-SCO.9/
4.2 Verification
MD5 (erg711678) =3D 7608023bdd367331a8088a92b114db5c
md5 is available for download from
ftp://stage.caldera.com/pub/security/tools/
4.3 Installing Fixed Binaries
Upgrade the affected binaries with the following commands:
Download erg711678 to the /tmp directory
# cd /tmp
# tar xvf erg711678
Run the custom command, specify an install from media images,
and specify the /tmp directory as the location of the images.
5. References
This and other advisories are located at
http://stage.caldera.com/support/security
This advisory addresses Caldera Security internal incidents
SCO-236-1763, erg711678
6. Disclaimer
Caldera International, Inc. is not responsible for the misuse
of any of the information we provide on our website and/or
through our security advisories. Our advisories are a service
to our customers intended to promote secure installation and
use of Caldera International products.
7. Acknowledgements
Caldera would like to admit borrowing the problem description
text from FreeBSD security advisory FreeBSD-SA-01:32.
___________________________________________________________________________
--MfFXiAuoTsnnDAfZ
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (SCO_SV)
Comment: For info see http://www.gnupg.org
iEYEARECAAYFAjyNVXkACgkQaqoBO7ipriEa9QCfSDu5P9TWfIo6vyPZ/szM4Gsu
qZIAn1mKiuh/B0f4yTNcN6aLTsnXH0QU
=gMJl
-----END PGP SIGNATURE-----
--MfFXiAuoTsnnDAfZ--
