SCOSA-2005.18.txt

SCOSA-2005.18.txt: Posted Apr 17, 2005; Site sco.com; SCO Security Advisory - The CDE dtlogin utility has a double-free vulnerability in the X Display Manager Control Protocol (XDMCP). By sending a specially-crafted XDMCP packet to a vulnerable system, a remote attacker could obtain sensitive information, cause a denial of service or execute arbitrary code on the system.; tags | advisory, remote, denial of service, arbitrary, protocol; advisories | CVE-2004-0368; SHA-256 | 24bb6cc7c24a3053840cf6a4090a3bd2cd80da9b00448e52d83e306efef43c75; Download | Favorite | View

SCOSA-2005.18.txt


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1



______________________________________________________________________________

      SCO Security Advisory

Subject:    UnixWare 7.1.4 UnixWare 7.1.3 UnixWare 7.1.1 : CDE dtlogin unspecified double free
Advisory number:   SCOSA-2005.18
Issue date:     2005 April 7
Cross reference:  sr890079 fz529303 erg712592 CAN-2004-0368 CERT VU#179804
______________________________________________________________________________


1. Problem Description

  The Common Desktop Environment (CDE) dtlogin utility is
  used to log into a CDE session. The CDE dtlogin utility has
  a double-free vulnerability in the X Display Manager Control
  Protocol (XDMCP). By sending a specially-crafted XDMCP
  packet to a vulnerable system, a remote attacker could
  obtain sensitive information, cause a denial of service or
  execute arbitrary code on the system. 

  CERT Vulnerability Note VU#179804, Common Desktop Environment 
  (CDE) dtlogin improperly deallocates memory at 
  http://www.kb.cert.org/vuls/id/179804. 

  The Common Vulnerabilities and Exposures project (cve.mitre.org) 
  has assigned the name CAN-2004-0368 to this issue.


2. Vulnerable Supported Versions

  System        Binaries
  ----------------------------------------------------------------------
  UnixWare 7.1.4       /usr/dt/bin/dtgreet
          /usr/dt/bin/dtlogin
          /usr/dt/lib/libDtLogin.so.1

  UnixWare 7.1.3       /usr/dt/bin/dtgreet
          /usr/dt/bin/dtlogin
          /usr/dt/lib/libDtLogin.so.1

  UnixWare 7.1.1       See Maintenance Pack 5 notes
        
      
3. Solution

  The proper solution is to install the latest packages.

4. UnixWare 7.1.4

  4.1 Location of Fixed Binaries

  ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.18

  4.2 Verification

  MD5 (erg712592.pkg.Z) = d3714b22a624db25740f5539c063d407

  md5 is available for download from
    ftp://ftp.sco.com/pub/security/tools


  4.3 Installing Fixed Binaries

  Upgrade the affected binaries with the following sequence:

  Download erg712592.pkg.Z to the /var/spool/pkg directory

  # uncompress /var/spool/pkg/erg712592.pkg.Z
  # pkgadd -d /var/spool/pkg/erg712592.pkg


5. UnixWare 7.1.3

  5.1 Location of Fixed Binaries

  ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.18


  5.2 Verification

  MD5 (erg712592.713.pkg.Z) = fc8d0c4f0ebdcf65504d1b4985c7ba52

  md5 is available for download from
    ftp://ftp.sco.com/pub/security/tools


  5.3 Installing Fixed Binaries

  Upgrade the affected binaries with the following sequence:

  Download erg712592.713.pkg.Z to the /var/spool/pkg directory

  # uncompress /var/spool/pkg/erg712592.713.pkg.Z
  # pkgadd -d /var/spool/pkg/erg712592.713.pkg


6. UnixWare 7.1.1 uw711mp5

  6.1 Location of Fixed Binaries

  The fixes are available in SCO UnixWare Release 7.1.1
        Maintenance Pack 5 or later.  See

        ftp://ftp.sco.com/pub/unixware7/uw711pk/uw711mp5.txt
        and
        ftp://ftp.sco.com/pub/unixware7/uw711pk/uw711mp5_errata.txt

  6.2 Verification

  MD5 (uw711mp5.cpio.Z) = 50bd66b7d57b2025da9dca4010d0ab1a

  md5 is available for download from
    ftp://ftp.sco.com/pub/security/tools

  6.3 Installing Fixed Binaries

  See uw711mp5.txt and uw711mp5_errata.txt for install instructions.


7. References

  Specific references for this advisory:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0368

  SCO security resources:
    http://www.sco.com/support/security/index.html

  SCO security advisories via email
    http://www.sco.com/support/forums/security.html

  This security fix closes SCO incidents sr890079 fz529303
  erg712592.


8. Disclaimer

  SCO is not responsible for the misuse of any of the information
  we provide on this website and/or through our security
  advisories. Our advisories are a service to our customers
  intended to promote secure installation and use of SCO
  products.


9. Acknowledgments

  SCO would like to thank Dave Aitel

______________________________________________________________________________

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (SCO/SYSV)

iD8DBQFCVYa9aqoBO7ipriERAiKPAJ9tygBRSAMRNqWS2jRKE5PWyJF4+gCff8Em
Hvk5XLjwEg89hCPj96JJ1MM=
=dRsT
-----END PGP SIGNATURE-----

Top Authors In Last 30 Days

Red Hat 210 files
Ubuntu 64 files
Debian 27 files
LiquidWorm 11 files
Valentin Lobstein 11 files
nu11secur1ty 8 files
Apple 6 files
Google Security Research 5 files
Ersin Erenler 4 files
E1.Coders 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,014)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,227)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,501)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,439)
UNIX (9,391)
UnixWare (187)
Windows (6,649)
Other

SCOSA-2005.18.txt

SCOSA-2005.18.txt

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

SCOSA-2005.18.txt

Share This

SCOSA-2005.18.txt

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems