-----BEGIN PGP SIGNED MESSAGE-----

______________________________________________________________________________

                        Caldera Systems, Inc.  Security Advisory

Subject:                various security problems with majordomo
Advisory number:        CSSA-2000-006.0
Issue date:             2000 March, 7
Cross reference:        CSSA-1999-039.0
______________________________________________________________________________


1. Problem Description

   This advisory is a re-release of CSSA-1999-039.0, additionally covering
   the OpenLinux eServer platform. Users of the OpenLinux 2.3 Desktop
   product do not need to take additional action if they have already
   upgraded to the inn package as update 018.

   There are several bugs in majordomo that allow arbitrary users to
   execute commands with the privileges of majordomo. If the sendmail
   aliases file contains aliases that invoke majordomo, a compromise of
   additional system accounts is possible, which may in turn lead to a
   root compromise. However, an immediate root exploit has not been found.


2. Vulnerable Versions

   System                   Package
   -----------------------------------------------------------
   OpenLinux Desktop 2.3    All packages previous to majordomo-1.94.5-1
                            (see update 018)
   OpenLinux eServer 2.3    All packages previous to majordomo-1.94.5-1


3. Solution

   Workaround:

   Change the group of the wrapper executable to daemon, and turn off
   world execute rights:

      chgrp daemon /usr/lib/majordomo/wrapper
      chmod o-x /usr/lib/majordomo/wrapper

   The proper solution is to upgrade to the latest packages:

      rpm -U majordomo-1.94.5-1.i386.rpm

   If you do not use majordomo, we recommend removing the package entirely
   using:

      rpm -e majordomo


4. OpenLinux Desktop 2.3

   Fixed packages released with update 018


5. OpenLinux eServer 2.3

   5.1 Location of Fixed Packages

   The upgrade packages can be found on Caldera's FTP site at:

      ftp://ftp.calderasystems.com/pub/eServer/updates/2.3/current/RPMS/

   The corresponding source code package can be found at:

      ftp://ftp.calderaystems.com/pub/eServer/updates/2.3/current/SRPMS

   5.2 Verification

      b4398888ab9a7d1f2fff43015483a64c  RPMS/majordomo-1.94.5-1.i386.rpm
      d04530bd2710cdd336f08677368efcae  SRPMS/majordomo-1.94.5-1.src.rpm

   5.3 Installing Fixed Packages

   Upgrade the affected packages with the following commands:

      rpm -F majordomo-1.94.5-1.i386.rpm


6. References

   This and other Caldera security resources are located at:

      http://www.calderasystems.com/support/security/index.html

   This security fix closes Caldera's internal Problem Report 5615


7. Disclaimer

   Caldera Systems, Inc. is not responsible for the misuse of any of the
   information we provide on this website and/or through our security
   advisories. Our advisories are a service to our customers intended to
   promote secure installation and use of Caldera OpenLinux.

______________________________________________________________________________

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv

iQCVAwUBOMUWmOn+9R4958LpAQH2lQQAqTZHlpjWl8hu7TirIG2CQO8LuCihFUdB
/n2WP6CmmmvebxuL8SQVVaMxjfaoARXVX7LPo+BYQtYwWFEPMCNO2VgSQUJ/beCV
ZI7WFesa2GF31j1jfX7I1HhWKxvBMbrWqyo1XF7B76bRRIF3Pv0cVrQCfGJmmzOZ
RHHWXQKLNOI=
=8BuU
-----END PGP SIGNATURE-----
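The workaround in section 3 (clearing world-execute on the majordomo wrapper) and the checksums in section 5.2 both leave an administrator with something to verify before and after acting. The script below is an added example, not part of the Caldera advisory: it checks whether a given wrapper binary is still world-executable, and it compares a downloaded package against an expected MD5 sum so that an RPM is only installed when it matches the value published in the advisory. The wrapper path is the one the advisory names; the package file name and expected sum in the usage section are taken from section 5.2, and the helper names are the author's own.

```sh
#!/bin/sh
# Added example (not from the advisory): audit the majordomo wrapper
# permissions and verify a package checksum before upgrading.

# wrapper_hardened FILE
#   Returns 0 if FILE exists and is NOT world-executable (the advisory's
#   "chmod o-x" workaround has been applied), 1 if it is still world-
#   executable, 2 if the file does not exist.
wrapper_hardened() {
    f="$1"
    [ -e "$f" ] || return 2
    # Tenth character of the ls mode string is the "other" execute bit:
    # 'x' (or 't' when the sticky bit is also set) means world-executable.
    mode=$(ls -ld "$f" | cut -c10)
    case "$mode" in
        x|t) return 1 ;;
        *)   return 0 ;;
    esac
}

# md5_matches FILE EXPECTED_MD5
#   Returns 0 only if the MD5 digest of FILE equals EXPECTED_MD5.
#   Uses GNU md5sum when available, otherwise BSD md5.
md5_matches() {
    file="$1"
    expected="$2"
    [ -e "$file" ] || return 2
    if command -v md5sum >/dev/null 2>&1; then
        actual=$(md5sum "$file" | cut -d' ' -f1)
    else
        actual=$(md5 -q "$file")
    fi
    [ "$actual" = "$expected" ]
}

# Usage on a live system (paths and sums as given in the advisory):
WRAPPER=/usr/lib/majordomo/wrapper
PKG=majordomo-1.94.5-1.i386.rpm
PKG_MD5=b4398888ab9a7d1f2fff43015483a64c

if [ -e "$WRAPPER" ]; then
    if wrapper_hardened "$WRAPPER"; then
        echo "$WRAPPER: world-execute already cleared"
    else
        echo "$WRAPPER: still world-executable; apply: chgrp daemon $WRAPPER; chmod o-x $WRAPPER"
    fi
fi

if [ -e "$PKG" ]; then
    if md5_matches "$PKG" "$PKG_MD5"; then
        echo "$PKG: checksum matches advisory, safe to run: rpm -F $PKG"
    else
        echo "$PKG: CHECKSUM MISMATCH, do not install"
    fi
fi
```

The permission check reads the mode string from `ls -ld` rather than `stat`, since the format of `stat` differs between GNU and BSD userlands while the ten-character mode field is the same everywhere. The checksum helper deliberately refuses to report success when the file is missing, so a typo in the package name cannot be mistaken for a verified download.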