-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

______________________________________________________________________________
		   Caldera Systems, Inc.  Security Advisory

Subject:		misconfigured OpenLDAP
Advisory number: 	CSSA-2000-009.0
Issue date: 		2000 April, 26
Cross reference:
______________________________________________________________________________


1. Problem Description

   OpenLinux 2.3 Desktop was shipped with a misconfigured OpenLDAP
   package. By default, the LDAP daemon slapd would create various
   files in /usr/tmp. While doing this, it does not properly check
   for symbolic links. Any local user can therefore trick slapd into
   overwriting arbitrary files on the system.

2. Vulnerable Versions

   System                       Package
   -----------------------------------------------------------
   OpenLinux Desktop 2.3        All packages previous to
                                openldap-1.2.7-3

   OpenLinux eServer 2.3        not vulnerable
                                

   OpenLinux eDesktop 2.4	not vulnerable
				

   
3. Solution

   If you do not need to run an LDAP server, remove the package
   by executing

        rpm -e openldap

   The recommended approach is to upgrade the RPM

4. OpenLinux Desktop 2.3

   4.1 Location of Fixed Packages

       The upgrade packages can be found on Caldera's FTP site at:

       ftp://ftp.calderasystems.com/pub/updates/OpenLinux/2.3/current/RPMS/

       The corresponding source code package can be found at:

       ftp://ftp.calderaystems.com/pub/updates/OpenLinux/2.3/current/SRPMS

   4.2 Verification

       5f447b0dc5215768744edd668a78c2ec  RPMS/openldap-1.2.7-3.i386.rpm
       678309dc0588320cc5ceaf90f35ebd8c  RPMS/openldap-devel-1.2.7-3.i386.rpm
       63fc21395666db0237c2e4a8e746836c  SRPMS/openldap-1.2.7-3.src.rpm

   4.3 Installing Fixed Packages

       Upgrade the affected packages with the following commands:

	  rpm -F openldap-1.2.7-3.i386.rpm

       Note that when upgrading to version 1.2.7, locations of many
       directories have changed, and you will have to move files to
       their proper locations.
                                                                              
                     Previous Location       Current Location
       Config files  /usr/etc/openldap       /etc/ldap
       Database      /usr/tmp/*.db           /var/ldap/*.db
                     /usr/tmp/NEXTID         /var/ldap/NEXTID 
                    

5. OpenLinux eServer 2.3

   Not vulnerable

6. OpenLinux eDesktop 2.4

   Not vulnerable
   
7. References

   This and other Caldera security resources are located at:

   http://www.calderasystems.com/support/security/index.html

8. Disclaimer

   Caldera Systems, Inc. is not responsible for the misuse of any of the
   information we provide on this website and/or through our security
   advisories. Our advisories are a service to our customers intended to
   promote secure installation and use of Caldera OpenLinux.
______________________________________________________________________________
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.0 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE5Buu+18sy83A/qfwRAnngAKCQnSuitOuFC5hnFDK72x3IEgOkMgCgukEx
4+cuioF8LkhSDUXfBG+v9Jw=
=Xft+
-----END PGP SIGNATURE-----