<<< Date Index >>>     <<< Thread Index >>>

UnixWare 7.1.4 UnixWare 7.1.3 : cpio race condition and directory traversal issues fixed.



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


______________________________________________________________________________

                        SCO Security Advisory

Subject:                UnixWare 7.1.4 UnixWare 7.1.3 : cpio race condition and 
directory traversal issues fixed.
Advisory number:        SCOSA-2005.32
Issue date:             2005 August 18
Cross reference:        sr893934 fz532333 erg712854 CAN-2005-1111 CAN-2005-1229 
______________________________________________________________________________


1. Problem Description

        A race condition in cpio 2.6 and earlier allows local users
        to modify permissions of arbitrary files via a hard link
        attack on a file while it is being decompressed, whose
        permissions are changed by cpio after the decompression
        is complete. 

        The Common Vulnerabilities and Exposures project (cve.mitre.org) 
        has assigned the name CAN-2005-1111 to this issue 

        A directory traversal vulnerability in cpio 2.6 and earlier 
        allows remote attackers to write to arbitrary directories 
        via a .. (dot dot) in a cpio file. 

        The Common Vulnerabilities and Exposures project (cve.mitre.org) has
        assigned the name CAN-2005-1229 to this issue


2. Vulnerable Supported Versions

        System                          Binaries
        ----------------------------------------------------------------------
        UnixWare 7.1.4                  /bin/cpio
        UnixWare 7.1.3                  /bin/cpio


3. Solution

        The proper solution is to install the latest packages.


4. UnixWare 7.1.4

        4.1 Location of Fixed Binaries

        ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.32

        4.2 Verification

        MD5 (erg712854.uw714.pkg.Z) = a12807ae0a69d88a3b4f0ed7a014f3ef

        md5 is available for download from
                ftp://ftp.sco.com/pub/security/tools

        4.3 Installing Fixed Binaries

        Upgrade the affected binaries with the following sequence:

        Download erg712854.uw714.pkg.Z to the /var/spool/pkg directory

        # uncompress /var/spool/pkg/erg712854.uw714.pkg.Z
        # pkgadd -d /var/spool/pkg/erg712854.uw714.pkg


5. UnixWare 7.1.3

        5.1 Location of Fixed Binaries

        ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.32

        5.2 Verification

        MD5 (erg712854.uw713.pkg.Z) = 0b514e72f094c21d8c49b359d05e8e7e

        md5 is available for download from
                ftp://ftp.sco.com/pub/security/tools

        5.3 Installing Fixed Binaries

        Upgrade the affected binaries with the following sequence:

        Download erg712854.uw713.pkg.Z to the /var/spool/pkg directory

        # uncompress /var/spool/pkg/erg712854.uw713.pkg.Z
        # pkgadd -d /var/spool/pkg/erg712854.uw713.pkg


6. References

        Specific references for this advisory:
                http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1111
                http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1229
                http://xforce.iss.net/xforce/xfdb/20204

        SCO security resources:
                http://www.sco.com/support/security/index.html

        SCO security advisories via email
                http://www.sco.com/support/forums/security.html

        This security fix closes SCO incidents sr893934 fz532333
        erg712854.


7. Disclaimer

        SCO is not responsible for the misuse of any of the information
        we provide on this website and/or through our security
        advisories. Our advisories are a service to our customers
        intended to promote secure installation and use of SCO
        products.

______________________________________________________________________________

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (SCO/SYSV)

iD8DBQFDBOeMaqoBO7ipriERAuRJAJ0cYodhPtdCH7kyiaeMrdtCJTNMdACfVd/E
QoE27v9zH1rVoPsC+4yIx6A=
=QNAv
-----END PGP SIGNATURE-----