Users login

Create an account »

JOIN XATRIX

Users login

Home » Hacking News » CSSA-2002-SCO.40-OpenServer 5.0.5 OpenServer 5.0.6 : ypxfrd remote file access v

CSSA-2002-SCO.40-OpenServer 5.0.5 OpenServer 5.0.6 : ypxfrd remote file access v

by Nikola Strahija on October 11th, 2002 There is a vulnerability in ypxfrd that allows a local user (possibly remote) to read any file on a system running the daemon.


2. Vulnerable Supported Versions

System Binaries
----------------------------------------------------------------------
OpenServer 5.0.5 /etc/ypxfrd
OpenServer 5.0.6 /etc/ypxfrd


3. Solution

The proper solution is to install the latest packages.


4. OpenServer 5.0.5

4.1 Location of Fixed Binaries

ftp://ftp.caldera.com/pub/updates/OpenServer/CSSA-2002-SCO.40


4.2 Verification

MD5 (VOL.000.000) = 62683d366d60f0a4e61bc51c32355c6a

md5 is available for download from
ftp://ftp.sco.com/pub/security/tools


4.3 Installing Fixed Binaries

Upgrade the affected binaries with the following commands:

1) Download the VOL* files to the /tmp directory

Run the custom command, specify an install from media images,
and specify the /tmp directory as the location of the images.


5. OpenServer 5.0.6

5.1 Location of Fixed Binaries

ftp://ftp.caldera.com/pub/updates/OpenServer/CSSA-2002-SCO.40


5.2 Verification

MD5 (VOL.000.000) = 62683d366d60f0a4e61bc51c32355c6a

md5 is available for download from
ftp://ftp.sco.com/pub/security/tools


5.3 Installing Fixed Binaries

Upgrade the affected binaries with the following commands:

1) Download the VOL* files to the /tmp directory

Run the custom command, specify an install from media images,
and specify the /tmp directory as the location of the images.


6. References

Specific references for this advisory:
http://www.kb.cert.org/vuls/id/538033
http://isec.pl/vulnerabilities/0006.txt

SCO security resources:
http://www.sco.com/support/security/index.html

This security fix closes SCO incidents sr868669, fz525993,
erg712121.


7. Disclaimer

SCO is not responsible for the misuse of any of the information
we provide on this website and/or through our security
advisories. Our advisories are a service to our customers
intended to promote secure installation and use of SCO
products.


8. Acknowledgements

Janusz Niewiadomski of iSEC Security
Research discovered and researched this vulnerability.

______________________________________________________________________________



Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »