-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

______________________________________________________________________________

                        Caldera Systems, Inc.  Security Advisory

Subject:                serious bug in setuid()
Advisory number:        CSSA-2000-019.0
Issue date:             2000 Jun, 16
Cross reference:        CSSA-2000-014.0
______________________________________________________________________________


1. Problem Description

   There is a serious vulnerability in the Linux kernel that allows local
   users to obtain root privilege by exploiting certain setuid root
   applications. We urge our customers to upgrade to the fixed kernel as
   soon as possible because exploits for this vulnerability are already
   widely available.

   This is an additional security advisory for the IBM Netfinity version
   of OpenLinux eServer 2.3; the original advisory was CSSA-2000-014.0.


2. Vulnerable Versions

   System                          Package
   -----------------------------------------------------------
   OpenLinux eServer 2.3           All packages previous to
   for Netfinity                   linux-2.2.14-4S


3. Solution

   Workaround: none

   The proper solution is to upgrade to the fixed packages.


4. Location of Fixed Packages

   The upgrade packages can be found on Caldera's FTP site at:

   ftp://ftp.calderasystems.com/pub/updates/eServer/2.3/extras/IBM/

   The corresponding source code package can be found in the same
   location as the updated packages.


5. Verification

   MD5 checksums for the binary RPMS and the source RPM are published
   with the packages at the location given in section 4.


6. Installing Fixed Packages

   Upgrade the affected packages with the following commands:

   rpm -F linux-*.i386.rpm


7. References

   This and other Caldera security resources are located at:

   http://www.calderasystems.com/support/security/index.html

   This security fix closes Caldera's internal Problem Report 6799.


8. Disclaimer

   Caldera Systems, Inc. is not responsible for the misuse of any of the
   information we provide on this website and/or through our security
   advisories. Our advisories are a service to our customers intended to
   promote secure installation and use of Caldera OpenLinux.


9. Acknowledgements

   Caldera Systems wishes to thank Wojciech Purczynski for discovering
   and reporting the bug, and Chris Evans, Ted Ts'o, and Andrew Morgan
   for their assistance.

______________________________________________________________________________

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.1 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE5SiPY18sy83A/qfwRAl7NAJ47U5HO8fHmDCWrVIvRmIgc04aU3ACfU3sQ
mYSKoARmaA+pw7Y1gUvcvW4=
=+1eC
-----END PGP SIGNATURE-----