-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


______________________________________________________________________________

			SCO Security Advisory

Subject:		OpenLinux: mc Updated packages resolve local buffer overflow vulnerability
Advisory number: 	CSSA-2004-014.0
Issue date: 		2004 March 25
Cross reference:	sr889551 fz528937 erg712553 CAN-2003-1023
______________________________________________________________________________


1. Problem Description

	Stack-based buffer overflow in vfs_s_resolve_symlink of
	vfs/direntry.c for Midnight Commander (mc) 4.6.0 and earlier,
	and possibly later versions, allows remote attackers to
	execute arbitrary code during symlink conversion. 

	The Common Vulnerabilities and Exposures project (cve.mitre.org) 
	has assigned the name CAN-2003-1023 to this issue.


2. Vulnerable Supported Versions

	System				Package
	----------------------------------------------------------------------
	OpenLinux 3.1.1 Server		prior to mc-4.5.51-6.i386.rpm
					prior to mc-doc-4.5.51-6.i386.rpm

	OpenLinux 3.1.1 Workstation	prior to mc-4.5.51-6.i386.rpm
					prior to mc-doc-4.5.51-6.i386.rpm


3. Solution

	The proper solution is to install the latest packages. 

	Unix users with Linux Kernel Personality can use the Caldera System
	Updater, called cupdate (or kcupdate under the KDE environment),
	to update these packages rather than downloading and installing
	them by hand.


4. OpenLinux 3.1.1 Server

	4.1 Package Location

	ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2004-014.0/RPMS

	4.2 Packages

	683f2374c3602c3d4680d033da405a91	mc-4.5.51-6.i386.rpm
	1d1737ac2576c2571cfc6132d31ca89a	mc-doc-4.5.51-6.i386.rpm

	4.3 Installation

	rpm -Fvh mc-4.5.51-6.i386.rpm
	rpm -Fvh mc-doc-4.5.51-6.i386.rpm

	4.4 Source Package Location

	ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2004-014.0/SRPMS

	4.5 Source Packages

	728be58503d28303c1446b1954d85340	mc-4.5.51-6.src.rpm


5. OpenLinux 3.1.1 Workstation

	5.1 Package Location

	ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2004-014.0/RPMS

	5.2 Packages

	936ff3ee57f8bee7ccb96581ccdeca63	mc-4.5.51-6.i386.rpm
	126a8cc66def304a321bc4dad071bc4a	mc-doc-4.5.51-6.i386.rpm

	5.3 Installation

	rpm -Fvh mc-4.5.51-6.i386.rpm
	rpm -Fvh mc-doc-4.5.51-6.i386.rpm

	5.4 Source Package Location

	ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2004-014.0/SRPMS

	5.5 Source Packages

	98f3e31a702d2e890f9781753429d2dc	mc-4.5.51-6.src.rpm


6. References

	Specific references for this advisory:
		http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-1023

	SCO security resources:
		http://www.sco.com/support/security/index.html

	This security fix closes SCO incidents sr889551 fz528937
	erg712553.


7. Disclaimer

	SCO is not responsible for the misuse of any of the information
	we provide on this website and/or through our security
	advisories. Our advisories are a service to our customers intended
	to promote secure installation and use of SCO products.


8. Acknowledgements

	SCO would like to thank Ilya Teterin

______________________________________________________________________________

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (SCO/UNIX_SVR5)

iD8DBQFAY2IebluZssSXDTERAutPAKCYgjPEb/nv3Z+SpCxBLk/TrphuvQCcCDSg
/Kv/+sBl46snE5KypyrwvS4=
=8D7F
-----END PGP SIGNATURE-----