Users login

Create an account »

JOIN XATRIX

Users login

Home » Hacking News » CSSA-2002-SCO.5.1: REVISION: Open UNIX, UnixWare 7, OpenServer: encrypted pas

CSSA-2002-SCO.5.1: REVISION: Open UNIX, UnixWare 7, OpenServer: encrypted pas

by Nikola Strahija on February 19th, 2002 The first version of this advisory specifically mentioned a file that was, indeed, readable by others and contained the encrypted root password, but the directories leading up to it were not searchable. Therefore, it was not a true vulnerability. After some research, Caldera has discovered files that are accessible to others that do contain information that might be used to compromise the system's security. After installation of the product, several files are left readable by all users. These files contain, among other things, encrypted passwords.


Vulnerable Supported Versions

Operating System Version Affected Files
------------------------------------------------------------------
UnixWare 7 All /usr/ns-home/admserv/admpw
/usr/internet/httpd/admserv/admpw
Open UNIX 8.0.0 /usr/ns-home/admserv/admpw
/usr/internet/httpd/admserv/admpw
/var/sadm/pkg/update800/install/morepkgs/scripts/debug.out
OpenServer All /var/opt/K/SCO/link/*/.softmgmt/ccsPersistent/cqs.save.file
/var/opt/K/SCO/Vidconf/*/.softmgmt/ccsPersistent/iqm_file


3. Solution

3.1 UnixWare 7

Caldera recommends that all affected systems change
the file modes of the following files to be readable
only by root:

# chmod 400 /usr/ns-home/admserv/admpw
# chmod 400 /usr/internet/httpd/admserv/admpw

In addition, Caldera also recommends that you change
the root and owner passwords.

3.2 Open UNIX

Caldera recommends that all affected systems change
the file modes of the following files to be readable
only by root:

# chmod 400 /usr/ns-home/admserv/admpw
# chmod 400 /usr/internet/httpd/admserv/admpw
# chmod 400 /var/sadm/pkg/update800/install/morepkgs/scripts/debug.out

In addition, Caldera also recommends that you change
the root and owner passwords.

3.3 OpenServer

Caldera recommends that all affected systems change
the file modes of the following files to be readable
only by root:

# chmod 400 /var/opt/K/SCO/link/*/.softmgmt/ccsPersistent/cqs.save.file
# chmod 400 /var/opt/K/SCO/Vidconf/*/.softmgmt/ccsPersistent/iqm_file

In addition, Caldera also recommends that you change
the root password.


4. References

ftp://stage.caldera.com/pub/security/openunix/CSSA-2002-SCO.5.1/

This and other advisories are located at
http://stage.caldera.com/support/security

This advisory addresses Caldera Security internal incident
sr860350.


5. Disclaimer

Caldera International, Inc. is not responsible for the misuse
of any of the information we provide on our website and/or
through our security advisories. Our advisories are a service
to our customers intended to promote secure installation and
use of Caldera International products.



Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »