<<< Date Index >>>     <<< Thread Index >>>

UnixWare 7.1.3 Open UNIX 8.0.0 : Sendmail: buffer overflow in versions 8.12.8 and prior.



To: announce@xxxxxxxxxxxxx bugtraq@xxxxxxxxxxxxxxxxx full-disclosure@xxxxxxxxxxx
s.com

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


______________________________________________________________________________

                        SCO Security Advisory

Subject:                UnixWare 7.1.3 Open UNIX 8.0.0 : Sendmail: buffer 
overflow in versions 8.12.8 and prior.
Advisory number:        CSSA-2003-SCO.23
Issue date:             2003 September 22
Cross reference:        sr876458 fz527629 erg712276
______________________________________________________________________________


1. Problem Description

        There is a remotely exploitable vulnerability in sendmail
        that could allow an attacker to gain control of a vulnerable
        sendmail server. 
        
        Due to a variable type conversion problem (char to signed int), 
        sendmail may not adequately check the length of address tokens. 
        A specially crafted email message could trigger a stack overflow. 

        This vulnerability was discovered by Michal Zalewski. 

        The Common Vulnerabilities and Exposures project (cve.mitre.org) 
        has assigned the name CAN-2003-0161 to this issue.


2. Vulnerable Supported Versions

        System                          Binaries
        ----------------------------------------------------------------------
        UnixWare 7.1.3          
        Open UNIX 8.0.0         

3. Solution

        The proper solution is to install the latest packages.


4. UnixWare 7.1.3

        4.1 Location of Fixed Binaries

        ftp://ftp.sco.com/pub/updates/UnixWare/CSSA-2003-SCO.23


        4.2 Verification

        MD5 (erg712433.Z) = 67be4523e9286555bc3fbf1a51a6d72c

        md5 is available for download from
                ftp://ftp.sco.com/pub/security/tools


        4.3 Installing Fixed Binaries

        Upgrade the affected binaries with the following sequence:

        Unknown installation method


5. Open UNIX 8.0.0

        5.1 Location of Fixed Binaries

        ftp://ftp.sco.com/pub/updates/OpenUNIX/CSSA-2003-SCO.23


        5.2 Verification

        MD5 (erg712433.Z) = 67be4523e9286555bc3fbf1a51a6d72c

        md5 is available for download from
                ftp://ftp.sco.com/pub/security/tools


        5.3 Installing Fixed Binaries

        Upgrade the affected binaries with the following sequence:

        Unknown installation method


6. References

        Specific references for this advisory:
                http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0161

        SCO security resources:
                http://www.sco.com/support/security/index.html

        This security fix closes SCO incidents sr876458 fz527629
        erg712276.


7. Disclaimer

        SCO is not responsible for the misuse of any of the information
        we provide on this website and/or through our security
        advisories. Our advisories are a service to our customers
        intended to promote secure installation and use of SCO
        products.


8. Acknowledgments

        SCO would like to thank Michal Zalewski for notifying
        Sendmail, Inc., and the Sendmail Consortium.

______________________________________________________________________________

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (SCO/UNIX_SVR5)

iD8DBQE/dMdhaqoBO7ipriERAo/cAJ92b72GZEB4R+YKmXjLcxxMEasuwACglEyM
y/ryWP9mlJers+g8/LxpCIg=
=s6gB
-----END PGP SIGNATURE-----