-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

______________________________________________________________________________

 			SCO Security Advisory

Subject:		OpenServer 5.0.6 OpenServer 5.0.7 OpenServer 6.0.0 : LibXpm Integer Overflow Vulnerability
Advisory number:	SCOSA-2006.5
Issue date:		2006 January 04
Cross reference:	fz533161
 			CVE-2005-0605
______________________________________________________________________________


1. Problem Description

 	An integer overflow vulnerability in libXpm can be exploited by
 	a remote user to cause arbitrary code to be executed.

 	The 'scan.c' code does not properly validate user-supplied data
 	contained in image files. A remote user can create a specially
 	crafted image file that, when processed by the target user or
 	application, will trigger the overflow and execute arbitrary
 	code.

 	The Common Vulnerabilities and Exposures project (cve.mitre.org)
 	has assigned the name CVE-2005-0605 to this issue.


2. Vulnerable Supported Versions

 	System				Binaries
 	----------------------------------------------------------------------
 	OpenServer 5.0.6 		/usr/lib/libXm.so.1.2
 					/usr/lib/libXm.a
 	OpenServer 5.0.7 		/usr/lib/libXm.so.1.2
 					/usr/lib/libXm.a
 	OpenServer 6.0.0 		/osr5/usr/lib/libXm.so.1.2
 					/usr/lib/libXm.so.1.3
 					/usr/lib/WXm/libXm.so.1.3


3. Solution

 	The proper solution is to install the latest packages.


4. OpenServer 5.0.6

 	4.1 Location of Fixed Binaries

 	ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.5


 	4.2 Verification

 	MD5 (p533161.507_vol.tar) = 6029872cf58a680d097c81cdf4adb093

 	md5 is available for download from
 		ftp://ftp.sco.com/pub/security/tools


 	4.3 Installing Fixed Binaries

 	The following package should be installed on your system before
 	you install this fix:

 		OSS646C

 	Upgrade the affected binaries with the following sequence:

 	1) Download p533161.507_vol.tar file to a directory.

 	2) Extract VOL* files.

 	   # tar xvf p533161.507_vol.tar

 	3) Run the custom command, specify an install from media images,
 	   and specify the directory as the location of the images.


5. OpenServer 5.0.7

 	5.1 Location of Fixed Binaries

 	ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.5


 	5.2 Verification

 	MD5 (p533161.507_vol.tar) = 6029872cf58a680d097c81cdf4adb093

 	md5 is available for download from
 		ftp://ftp.sco.com/pub/security/tools


 	5.3 Installing Fixed Binaries

 	Upgrade the affected binaries with the following sequence:

 	1) Download p533161.507_vol.tar file to a directory.

 	2) Extract VOL* files.

 	   # tar xvf p533161.507_vol.tar

 	3) Run the custom command, specify an install from media images,
 	   and specify the directory as the location of the images.


6. OpenServer 6.0.0

 	6.1 Location of Fixed Binaries

 	ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.5


 	6.2 Verification

 	MD5 (p533161.600_vol.tar) = 234154d30efa8c7eb47e5af7b2c300d7

 	md5 is available for download from
 		ftp://ftp.sco.com/pub/security/tools


 	6.3 Installing Fixed Binaries

 	Upgrade the affected binaries with the following sequence:

 	1) Download p533161.600_vol.tar file to a directory.

 	2) Extract VOL* files.

 	   # tar xvf p533161.600_vol.tar

 	3) Run the custom command, specify an install from media images,
 	   and specify the directory as the location of the images.


7. References

 	Specific references for this advisory:
 		http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0605
 		http://securitytracker.com/id?1013339
 		http://www.securityfocus.com/bid/12714
 		https://bugs.freedesktop.org/attachment.cgi?id=1909

 	SCO security resources:
 		http://www.sco.com/support/security/index.html

 	SCO security advisories via email
 		http://www.sco.com/support/forums/security.html

 	This security fix closes SCO incidents fz533161.


8. Disclaimer

 	SCO is not responsible for the misuse of any of the information
 	we provide on this website and/or through our security
 	advisories. Our advisories are a service to our customers
 	intended to promote secure installation and use of SCO
 	products.

______________________________________________________________________________
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (UnixWare)

iD8DBQFDvAL6aqoBO7ipriERAlAwAJ9R3qgnqTLCozWksnedBAtwdLsv2gCgpzu1
1DhUWx59eVGmgmjfFcjYN7M=
=iYXV
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/