Date: Tue, 21 Jan 2003 14:09:18 -0800
From: security@caldera.com
To: bugtraq@securityfocus.com, announce@lists.caldera.com,
Subject: Security Update: [CSSA-2003-005.0] Linux: canna buffer overflow and denial of service
--S1BNGpv0yoYahz37
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
To: bugtraq@securityfocus.com announce@lists.caldera.com security-alerts@linuxsecurity.com full-disclosure@lists.netsys.com
______________________________________________________________________________
SCO Security Advisory
Subject: Linux: canna buffer overflow and denial of service
Advisory number: CSSA-2003-005.0
Issue date: 2003 January 21
Cross reference:
______________________________________________________________________________
1. Problem Description
Buffer overflow in canna allows local users to execute
arbitrary code as the bin user.
canna does not properly validate requests, which allows remote
attackers to cause a denial of service or information leak.
2. Vulnerable Supported Versions
System Package
----------------------------------------------------------------------
OpenLinux 3.1.1 Server prior to canna-3.5b2-8.i386.rpm
prior to canna-devel-3.5b2-8.i386.rpm
prior to canna-devel-static-3.5b2-8.i386.rpm
OpenLinux 3.1.1 Workstation prior to canna-3.5b2-8.i386.rpm
prior to canna-devel-3.5b2-8.i386.rpm
prior to canna-devel-static-3.5b2-8.i386.rpm
3. Solution
The proper solution is to install the latest packages. Many
customers find it easier to use the Caldera System Updater, called
cupdate (or kcupdate under the KDE environment), to update these
packages rather than downloading and installing them by hand.
4. OpenLinux 3.1.1 Server
4.1 Package Location
ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2003-005.0/RPMS
4.2 Packages
91acd89bd9041e06c0a22e4d73b5bb1f canna-3.5b2-8.i386.rpm
890df673f86a9e3ef23d1770e75cc5e8 canna-devel-3.5b2-8.i386.rpm
513aedd7b706851975e4cee968a2c66a canna-devel-static-3.5b2-8.i386.rpm
4.3 Installation
rpm -Fvh canna-3.5b2-8.i386.rpm
rpm -Fvh canna-devel-3.5b2-8.i386.rpm
rpm -Fvh canna-devel-static-3.5b2-8.i386.rpm
4.4 Source Package Location
ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2003-005.0/SRPMS
4.5 Source Packages
3e92b7252f01b1cb0e074cbe1bcd9227 canna-3.5b2-8.src.rpm
5. OpenLinux 3.1.1 Workstation
5.1 Package Location
ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2003-005.0/RPMS
5.2 Packages
198b5ab5f66121a177db0090a727552d canna-3.5b2-8.i386.rpm
17f7e5c1090eae3842b0e96e24d24852 canna-devel-3.5b2-8.i386.rpm
00c131c99ffc54975e1a7c1b2b95441f canna-devel-static-3.5b2-8.i386.rpm
5.3 Installation
rpm -Fvh canna-3.5b2-8.i386.rpm
rpm -Fvh canna-devel-3.5b2-8.i386.rpm
rpm -Fvh canna-devel-static-3.5b2-8.i386.rpm
5.4 Source Package Location
ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2003-005.0/SRPMS
5.5 Source Packages
e824ab48c8e0e363d36ed1ad6b105b0c canna-3.5b2-8.src.rpm
6. References
Specific references for this advisory:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1158http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1159
SCO security resources:
http://www.sco.com/support/security/index.html
This security fix closes SCO incidents sr873579, fz527128,
erg712199.
7. Disclaimer
SCO is not responsible for the misuse of any of the information
we provide on this website and/or through our security
advisories. Our advisories are a service to our customers intended
to promote secure installation and use of SCO products.
8. Acknowledgements
Shinra Aida of the Canna project and "hsj" of Shadow Penguin
Security discovered and researched these vulnerabilities.
______________________________________________________________________________
--S1BNGpv0yoYahz37
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (SCO_SV)
Comment: For info see http://www.gnupg.org
iEYEARECAAYFAj4txQ4ACgkQbluZssSXDTGS3gCg55hxC3heZakZPWxjS9fgIgxe
/lAAn3jiCdBAKNkrPUNDXchC68OIUxRB
=WPZs
-----END PGP SIGNATURE-----
--S1BNGpv0yoYahz37--
