-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

______________________________________________________________________________

                        SCO Security Advisory

Subject:                UnixWare 7.1.3 UnixWare 7.1.4 : Cross-site Scripting Vulnerability in docview (htdig)
Advisory number:        SCOSA-2005.45
Issue date:             2005 November 02
Cross reference:        sr893246 fz531483 erg712807 CVE-2005-0085
______________________________________________________________________________


1. Problem Description

        A cross-site scripting vulnerability in docview (htdig) allows
        remote attackers to execute arbitrary web script or HTML in the
        browser of a user of the docview interface. The value of the
        config request parameter is not properly sanitized (HTML-escaped)
        before it is reflected in an error message, so markup supplied in
        that parameter is emitted verbatim in the error page.

        The Common Vulnerabilities and Exposures project (cve.mitre.org)
        has assigned the name CVE-2005-0085 to this issue.


2. Vulnerable Supported Versions

        System                          Binaries
        ----------------------------------------------------------------------
        UnixWare 7.1.3                  /usr/bin/htsearch
        UnixWare 7.1.4                  /usr/bin/htsearch


3. Solution

        The proper solution is to install the fixed packages listed
        below for the affected release.


4. UnixWare 7.1.3

        4.1 Location of Fixed Binaries

        ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.45/713


        4.2 Verification

        486315f201bc414087b9b8614174f85f  erg712807.Z

        The checksum above is for the compressed file as downloaded;
        verify it before uncompressing the package.

        md5 is available for download from
                ftp://ftp.sco.com/pub/security/tools


        4.3 Installing Fixed Binaries

        Upgrade the affected binaries with the following sequence:

        Download erg712807.Z to the /var/spool/pkg directory

        # uncompress /var/spool/pkg/erg712807.Z
        # pkgadd -d /var/spool/pkg/erg712807


5. UnixWare 7.1.4

        5.1 Location of Fixed Binaries

        ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.45/714


        5.2 Verification

        86a153577d647ccf0c94e870fa817c32  erg712807.Z

        The checksum above is for the compressed file as downloaded;
        verify it before uncompressing the package.

        md5 is available for download from
                ftp://ftp.sco.com/pub/security/tools


        5.3 Installing Fixed Binaries

        Upgrade the affected binaries with the following sequence:

        Download erg712807.Z to the /var/spool/pkg directory

        # uncompress /var/spool/pkg/erg712807.Z
        # pkgadd -d /var/spool/pkg/erg712807


6. References

        Specific references for this advisory:

                http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0085
                http://securitytracker.com/id?1013078
                http://xforce.iss.net/xforce/xfdb/19223

        SCO security resources:

                http://www.sco.com/support/security/index.html

        SCO security advisories via email

                http://www.sco.com/support/forums/security.html

        This security fix closes SCO incidents sr893246 fz531483 erg712807.


7. Disclaimer

        SCO is not responsible for the misuse of any of the information
        we provide on this website and/or through our security
        advisories. Our advisories are a service to our customers
        intended to promote secure installation and use of SCO
        products.


8. Acknowledgments

        SCO would like to thank Michael Krax for reporting this
        vulnerability.

______________________________________________________________________________

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (UnixWare)

iD8DBQFDaSBqaqoBO7ipriERAgd/AKCI86ak85GPTMdFfpxQz3caGbJ2VQCeJ4sr
Dl13BBed11W+ikgZu5ZDA8I=
=4CDB
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
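The following is an added example, not code from htdig, docview or SCO's fix package. It illustrates the bug class described in section 1 of the advisory: a CGI that splices an unsanitized request parameter into an HTML error message, shown beside the HTML-escaping fix and an allow-list check on the configuration name. The error-page wording, the function names and the probe value are assumptions made for the illustration; the real htsearch message text is not on this page.

```cpp
// Added example (not htdig's or SCO's code): the bug class behind CVE-2005-0085,
// a CGI that reflects an unsanitized request parameter into an HTML error page,
// beside the output encoding and allow-list checks that close it.
#include <iostream>
#include <string>

// Hypothetical error-page wording; the real message text is not on the page.
static const std::string kPrefix = "<html><body><p>Unable to read configuration file '";
static const std::string kSuffix = "'</p></body></html>";

// Vulnerable pattern: the raw value of the 'config' parameter is spliced
// straight into the HTML body, so markup in the parameter becomes markup in the page.
std::string errorPageVulnerable(const std::string& config) {
    return kPrefix + config + kSuffix;
}

// Output encoding: escape the characters that change meaning in HTML text
// and attribute contexts. This is what "properly sanitized before it is
// displayed" means for a value reflected into HTML.
std::string htmlEscape(const std::string& in) {
    std::string out;
    out.reserve(in.size());
    for (char c : in) {
        switch (c) {
            case '&':  out += "&amp;";  break;
            case '<':  out += "&lt;";   break;
            case '>':  out += "&gt;";   break;
            case '"':  out += "&quot;"; break;
            case '\'': out += "&#39;";  break;
            default:   out += c;        break;
        }
    }
    return out;
}

// Fixed pattern: the same page, but the parameter is encoded on output.
std::string errorPageFixed(const std::string& config) {
    return kPrefix + htmlEscape(config) + kSuffix;
}

// Defence in depth: a configuration name never legitimately contains markup,
// path separators or parent-directory references, so reject it up front as well.
bool isSafeConfigName(const std::string& name) {
    if (name.empty() || name.size() > 64) return false;
    for (char c : name) {
        bool ok = (c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z') ||
                  (c >= '0' && c <= '9') || c == '_' || c == '-' || c == '.';
        if (!ok) return false;
    }
    return name.find("..") == std::string::npos;
}

// True when the rendered page still contains the probe markup verbatim,
// i.e. the parameter is reflected without encoding.
bool reflectsMarkup(const std::string& page, const std::string& probe) {
    return page.find(probe) != std::string::npos;
}

int main() {
    // Constructed probe value for the 'config' parameter, not a captured request.
    const std::string probe = "<script>alert(1)</script>";
    std::cout << "vulnerable page reflects markup: "
              << reflectsMarkup(errorPageVulnerable(probe), "<script>") << "\n";
    std::cout << "fixed page reflects markup:      "
              << reflectsMarkup(errorPageFixed(probe), "<script>") << "\n";
    std::cout << "allow-list accepts probe:        " << isSafeConfigName(probe) << "\n";
    return 0;
}
```

The two checks are complementary: output encoding is the fix for the reflected-XSS class regardless of where the value came from, while the allow-list stops a hostile config name before it reaches the file-open path at all. Neither is a substitute for installing the fixed htsearch package listed in sections 4 and 5.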