Users login

Create an account »

JOIN XATRIX

Users login

Home » Hacking News » [CSSA-2002-SCO.44] UnixWare 7.1.1 Open UNIX 8.0.0 : uudecode performs inadequate

[CSSA-2002-SCO.44] UnixWare 7.1.1 Open UNIX 8.0.0 : uudecode performs inadequate

by Nikola Strahija on December 12th, 2002 If an attacker can convince a user to invoke uudecode on a malicious file without reviewing the included file name, the attacker can cause the user to overwrite any file accessible by the user.


If the victim user has root privileges, the
attacker can exploit this vulnerability to overwrite
arbitrary files. With respect to symbolic links and named
pipes, attackers who exploit this vulnerability can alter the
normal operation of system scripts and running processes,
significantly increasing the risk of system compromise.


2. Vulnerable Supported Versions

System Binaries
----------------------------------------------------------------------
UnixWare 7.1.1 /usr/bin/uudecode
Open UNIX 8.0.0 /usr/bin/uudecode


3. Solution

The proper solution is to install the latest packages.


4. UnixWare 7.1.1

4.1 Location of Fixed Binaries

ftp://ftp.sco.com/pub/updates/OpenUNIX/CSSA-2002-SCO.44


4.2 Verification

MD5 (erg712093.pkg.Z) = e893c7c27e181a576fa2289ee807884d

md5 is available for download from
ftp://ftp.sco.com/pub/security/tools


4.3 Installing Fixed Binaries

Upgrade the affected binaries with the following sequence:

Download erg712093.pkg.Z to the /var/spool/pkg directory

# uncompress /var/spool/pkg/erg712093.pkg.Z
# pkgadd -d /var/spool/pkg/erg712093.pkg


5. Open UNIX 8.0.0

5.1 Location of Fixed Binaries

ftp://ftp.sco.com/pub/updates/OpenUNIX/CSSA-2002-SCO.44


5.2 Verification

MD5 (erg712093.pkg.Z) = e893c7c27e181a576fa2289ee807884d

md5 is available for download from
ftp://ftp.sco.com/pub/security/tools


5.3 Installing Fixed Binaries

Upgrade the affected binaries with the following sequence:

Download erg712093.pkg.Z to the /var/spool/pkg directory

# uncompress /var/spool/pkg/erg712093.pkg.Z
# pkgadd -d /var/spool/pkg/erg712093.pkg


6. References

Specific references for this advisory:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0178
http://www.kb.cert.org/vuls/id/336083
http://www.aerasec.de/security/index.html?id=ae-200204-033&lang=en

SCO security resources:

http://www.sco.com/support/security/index.html

This security fix closes SCO incidents sr866875, fz521051,
erg712093.


7. Disclaimer

SCO is not responsible for the misuse of any of the information
we provide on this website and/or through our security
advisories. Our advisories are a service to our customers
intended to promote secure installation and use of SCO
products.


8. Acknowledgements

AERAsec discovered and researched this vulnerability.


Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »