-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ______________________________________________________________________________ SCO Security Advisory Subject: OpenLinux: file command buffer overflow Advisory number: CSSA-2003-018.0 Issue date: 2003 April 28 Cross reference: ______________________________________________________________________________ 1. Problem Description The file command is vulnerable to a buffer overflow when given a maliciously crafted binary to examine. 2. Vulnerable Supported Versions System Package ---------------------------------------------------------------------- OpenLinux 3.1.1 Server prior to file-3.28-8.i386.rpm OpenLinux 3.1.1 Workstation prior to file-3.28-8.i386.rpm OpenLinux 3.1 Server prior to file-3.28-8.i386.rpm OpenLinux 3.1 Workstation prior to file-3.28-8.i386.rpm 3. Solution The proper solution is to install the latest packages. Many customers find it easier to use the Caldera System Updater, called cupdate (or kcupdate under the KDE environment), to update these packages rather than downloading and installing them by hand. 4. OpenLinux 3.1.1 Server 4.1 Package Location ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2003-018.0/RPMS 4.2 Packages d0ad82669f9b01fd96dfcc62dc94f57c file-3.28-8.i386.rpm 4.3 Installation rpm -Fvh file-3.28-8.i386.rpm 4.4 Source Package Location ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2003-018.0/SRPMS 4.5 Source Packages 8c906c8f4ef25a26e7bcde0a93c3b674 file-3.28-8.src.rpm 5. OpenLinux 3.1.1 Workstation 5.1 Package Location ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2003-018.0/RPMS 5.2 Packages d1a99e375dfd64eaf46cc9b0db3132c2 file-3.28-8.i386.rpm 5.3 Installation rpm -Fvh file-3.28-8.i386.rpm 5.4 Source Package Location ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2003-018.0/SRPMS 5.5 Source Packages 8d667b887a27ea3973a5049505910944 file-3.28-8.src.rpm 6. OpenLinux 3.1 Server 6.1 Package Location ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Server/CSSA-2003-018.0/RPMS 6.2 Packages 9bb629d683cd6f97d490c16e069f9593 file-3.28-8.i386.rpm 6.3 Installation rpm -Fvh file-3.28-8.i386.rpm 6.4 Source Package Location ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Server/CSSA-2003-018.0/SRPMS 6.5 Source Packages 2f3aeeba02521523d0a74518d44cae96 file-3.28-8.src.rpm 7. OpenLinux 3.1 Workstation 7.1 Package Location ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Workstation/CSSA-2003-018.0/RPMS 7.2 Packages e464c56f403a596e7a8faae665d6f1cf file-3.28-8.i386.rpm 7.3 Installation rpm -Fvh file-3.28-8.i386.rpm 7.4 Source Package Location ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Workstation/CSSA-2003-018.0/SRPMS 7.5 Source Packages 02bb22adeb36b09cfef84cb210ee7114 file-3.28-8.src.rpm 8. References Specific references for this advisory: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0102 SCO security resources: http://www.sco.com/support/security/index.html This security fix closes SCO incidents sr876782, fz527684, erg712286. 9. Disclaimer SCO is not responsible for the misuse of any of the information we provide on this website and/or through our security advisories. Our advisories are a service to our customers intended to promote secure installation and use of SCO products. 10. Acknowledgements David Endler of iDEFENSE discovered and researched this vulnerability. ______________________________________________________________________________ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iEYEARECAAYFAj6tZXUACgkQbluZssSXDTGwXQCfbFevhnhrprw1ihoRXzCLirV2 7CAAn0SzjZkwS6ONkcraVHdcUztltqvV =ltVk -----END PGP SIGNATURE-----