what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

FA-98-91.html

FA-98-91.html
Posted Sep 23, 1999

FA-98-91.html

SHA-256 | 2f8100e4eb6c6d5ea9c97f341bc6a57e7660118b0e38e801cc17024be7f8f1bb
Download | Favorite | View

FA-98-91.html

Change Mirror Download
<!DOCTYPE  HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"><HTML>
<HEAD>
<TITLE>FedCIRC Advisory</TITLE>
<STYLE TYPE="text/css">
  A:hover {color:red; }
  </STYLE>
</HEAD>
<BODY BGCOLOR="#FFFFFF">
<!--  Header -->
<TABLE>
<TR>
<TD>
<IMG SRC="http://attrition.org/security/working3.gif" WIDTH="87" HEIGHT="93" ALT="FedCIRC Logo"></TD>
<TD>
<H2>FedCIRC Advisory FA-98-91</H2>
</TD>
</TR>
</TABLE>
<BR>
<BLOCKQUOTE>


Original issue date: October 13, 1998
<BR>Source: SCO
<P>              
<HR>
<H1>Topic: Security Vulnerabilities in "mscreen" Serial Multiscreens Utility</H1>
<HR>
<P>
To aid in the wide distribution of essential security information, FedCIRC is
forwarding the following information from SCO.  SCO urges you to act on this
information as soon as possible. SCO contact information is included in the
forwarded text below; please contact them if you have any questions or need
further information.
<P>
<PRE>

=======================FORWARDED TEXT STARTS HERE============================

===========================================================================
SCO Security Bulletin 98.05
October 6, 1998
Security Vulnerabilities in "mscreen" Serial Multiscreens Utility
---------------------------------------------------------------------------

I.   Description

Security vulnerabilities have been discovered in the SCO "mscreen"
serial multiscreens utility.

II.  Impact

The vulnerabilities could allow local users to gain root privileges.

An exploit script for one of the vulnerabilities has been published,
so we recommend that the patch described below be installed on all
affected systems as soon as possible.

III. Releases

This problem exists on the following releases of SCO operating systems:

     - SCO Open Desktop/Open Server 3.0 (all, also SCO UNIX 3.2v4)
     - SCO OpenServer 5.0 (all, also SCO Internet FastStart)
     - SCO CMW+ 3.0
  
Other SCO products are not affected.

IV.  Solution

For SCO CMW+, the mscreen utility is non-functional; however, a binary
is installed on the system with the set-user-id attribute.  This should
be disabled by executing the following command logged in as root:

  # chmod 0 /usr/bin/mscreen

For SCO OpenServer 5 and SCO Open Desktop/Open Server 3, SCO is providing
an interim patch to address this issue in the form of a System Security
Enhancement (SSE) package.

SSE016 contains new versions of the mscreen binary for each system type.
It is available for Internet download via anonymous ftp, and from the
SCOFORUM on Compuserve.

You can download the SSE package as follows:

Anonymous ftp (World Wide Web URL):

    ftp://ftp.sco.COM/SSE/sse016.ltr    (cover letter, ASCII text)
    ftp://ftp.sco.COM/SSE/sse016.tar.Z  (new binaries, compressed tar file)

Compuserve:

    GO SCOFORUM, and search Library 11 (SLS/SSE Files) for these filenames:

  SSE016.LTR  (cover letter, ASCII text)
  SSE016.TAZ  (new binaries, compressed tar file)

Checksums (sum -r):

    15726     5 sse016.ltr
    31228    64 sse016.tar.Z

V.   Updates

This bulletin is available for anonymous ftp download from
ftp://ftp.sco.COM/SSE/security_bulletins/SB-98.05a, and will be
updated as new information becomes available.

The latest information on security vulnerabilities and fixes from
SCO is available on the world-wide web at http://www.sco.com/security/

VI.  Further Information:

If you have further questions, contact your support provider.  If you
need to contact SCO, please send electronic mail to support@sco.COM, or
contact SCO as follows.

    USA/Canada: 6am-5pm Pacific Time (PST/PDT)
    -----------
    1-800-347-4381  (voice)
    1-408-427-5443  (fax)

    Pacific Rim, Asia, and Latin American customers: 6am-5pm Pacific
    ------------------------------------------------ Time (PST/PDT)
    1-408-425-4726  (voice)
    1-408-427-5443  (fax)

    Europe, Middle East, Africa: 9am-5:30pm UK Time (GMT/BST)
    ----------------------------
    +44 (0)1923 816344 (voice)
    +44 (0)1923 817781 (fax)


========================FORWARDED TEXT ENDS HERE=============================

</PRE>

<!--  End Content --->
<!--  Revision Date -->


<P>
If you believe that your system has been compromised, contact FedCIRC. We
strongly urge you to encrypt sensitive information sent by email. We can
support a shared DES key or PGP. Contact us for more information.<P>

<B>PGP Key</B><BR>  
<A HREF="http://www2.fedcirc.gov/keys.html">http://www2.fedcirc.gov/keys.html</A><P>

<H3>FedCIRC Contact Information</H3>

<B>Email</B><BR>
<A HREF="mailto:fedcirc@fedcirc.gov">fedcirc@fedcirc.gov</A><P>

<B>Phone</B><BR>
+1 888-282-0870  (toll-free 24-hour hotline)<P>

<B>Fax</B><BR>
+1 412-268-6989<P>

<B>Postal address</B><BR>

FedCIRC<BR>
CERT Coordination Center<BR>
Software Engineering Institute<BR>
Carnegie Mellon University<BR>
Pittsburgh PA 15213-3890<P>

         
<HR>
<P>
FedCIRC (Federal Computer Incident Response Capability) is operated by the
CERT/CC for the U.S. General Services Administration. FedCIRC provides
security services to U. S. Federal civilian agencies.<P>

Copyright 1998 Carnegie Mellon University. Conditions for use, disclaimers,
and sponsorship information can be found in
<A HREF="http://www.cert.org/legal_stuff/legal_stuff.html">http://www.cert.org/legal_stuff/legal_stuff.html</A> and
<A HREF="ftp://ftp.cert.org/pub/legal_stuff">ftp://ftp.cert.org/pub/legal_stuff</A> . 
If you do not have FTP or web access, send mail to cert@cert.org with
"copyright" in the subject line.<P>

<HR>
<P>

<B><U>NO WARRANTY</U><BR>

Any material furnished by Carnegie Mellon University and the Software
Engineering Institute is furnished on an "as is" basis. Carnegie Mellon
University makes no warranties of any kind, either expressed or implied as to
any matter including, but not limited to, warranty of fitness for a particular
purpose or merchantability, exclusivity or results obtained from use of the
material. Carnegie Mellon University does not make any warranty of any kind
with respect to freedom from patent, trademark, or copyright
infringement.</B><P>


<HR>
<P>

This file: http://www2.fedcirc.gov/alerts/advisories/1998/FA-98-91.html<P>

<HR>
<P>

<PRE>
</PRE>


</BLOCKQUOTE></BODY>
</HTML>










Login or Register to add favorites

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    14 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    30 Files
  • 16
    Apr 16th
    10 Files
  • 17
    Apr 17th
    22 Files
  • 18
    Apr 18th
    45 Files
  • 19
    Apr 19th
    8 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    11 Files
  • 23
    Apr 23rd
    68 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Site Links
News by Month
News Tags
Files by Month
File Tags
File Directory
About Us
History & Purpose
Contact Information
Terms of Service
Privacy Statement
Copyright Information
Services
Security Services
Hosting By
Rokasec
close