___________________________________________________________________________

                Caldera International, Inc. Security Advisory

Subject:                Open UNIX, UnixWare 7: xlock buffer overflow
Advisory number:        CSSA-2001-SCO.34
Issue date:             2001 November 16
___________________________________________________________________________

1. Problem Description

        The /usr/bin/X11/xlock program contains a buffer overflow. Because
        the binary is installed setuid, a local user could exploit it to
        gain elevated privileges.

2. Vulnerable Versions

        Operating System        Version         Affected Files
        ------------------------------------------------------------------
        UnixWare 7              7.1.0, 7.1.1    /usr/bin/X11/xlock
        Open UNIX               8.0.0           /usr/bin/X11/xlock

3. Workaround

        Remove the setuid bit from the binary:

                # chmod -s /usr/bin/X11/xlock

4. UnixWare 7, Open UNIX 8

4.1 Location of Fixed Binaries

        ftp://stage.caldera.com/pub/security/openunix/CSSA-2001-SCO.34/

4.2 Verification

        md5 checksums:

        7220c59693f2db6312173259a37a6ba5  xcontrib_801.pkg

        md5 is available for download from

        ftp://stage.caldera.com/pub/security/tools/

4.3 Installing Fixed Binaries

        Download the xcontrib_801.pkg file to /usr/tmp.

        This package is an upgrade install to the UnixWare 7 xcontrib
        package version 7.1.1 and the Caldera OpenUNIX 8 xcontrib package
        version 8.0.0. Version 8.0.1 contains all the components released
        with any previous updates plus the bug fix described above.

        To verify the currently installed version of this package:

                # pkginfo -x xcontrib

        It is not necessary, nor recommended, to remove previous versions
        of this package from the system before installing this updated
        version.

        To install this package, use the SCOadmin Application Installer
        from the desktop, or, logged in as root, use pkgadd:

                # pkgadd -d /usr/tmp/xcontrib_801.pkg

        NOTE: Do not use /tmp as the download directory. pkgadd could fail
        with a 'No space' message.

        The message

                WARNING: UnixWare Update 7.x.x should be reapplied

        can be safely ignored. There are no files in the Update which
        patch this package.

5. References

        This and other advisories are located at

        http://stage.caldera.com/support/security

        This advisory addresses Caldera Security internal incidents
        sr848020, fz518827, erg711744.

6. Disclaimer

        Caldera International, Inc. is not responsible for the misuse of
        any of the information we provide on our website and/or through
        our security advisories. Our advisories are a service to our
        customers intended to promote secure installation and use of
        Caldera International products.

___________________________________________________________________________
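The following script is an added worked example for sections 3 and 4.2 above; it is not part of the Caldera advisory or the xcontrib package. It checks whether the xlock binary still carries the setuid bit (i.e. whether the section 3 workaround has been applied) and verifies the downloaded xcontrib_801.pkg against the MD5 published in section 4.2 before pkgadd is run. It assumes only a POSIX shell, find(1), and one of md5sum(1), md5(1) or openssl(1) on the host; the default paths and the function names are this example's own choices.

```shell
#!/bin/sh
# Added example for CSSA-2001-SCO.34 (not part of the Caldera advisory).
# Pre-install checks: is xlock still setuid, and does the downloaded
# package match the published MD5?

# Checksum for xcontrib_801.pkg, copied from section 4.2 of the advisory.
XCONTRIB_801_MD5="7220c59693f2db6312173259a37a6ba5"

# Print the MD5 hex digest of a file using whichever tool the host has.
# (The advisory's own md5 tool is not assumed to be installed.)
md5_of() {
    if command -v md5sum >/dev/null 2>&1; then
        md5sum "$1" | awk '{print $1}'
    elif command -v md5 >/dev/null 2>&1; then
        md5 -q "$1"
    elif command -v openssl >/dev/null 2>&1; then
        openssl dgst -md5 "$1" | awk '{print $NF}'
    else
        echo "no MD5 tool found" >&2
        return 2
    fi
}

# Return 0 if the file's digest equals the expected value, 1 on mismatch,
# 2 if no digest could be computed.
verify_md5() {
    actual=$(md5_of "$1") || return 2
    [ "$actual" = "$2" ]
}

# Return 0 if the setuid bit is set on the file (binary still exposed),
# 1 if it is not set or the file does not exist.
is_setuid() {
    [ -f "$1" ] || return 1
    [ -n "$(find "$1" -prune -perm -4000 2>/dev/null)" ]
}

# Report exposure and verify the package; return 0 only if the package
# checksum matches, so the caller can gate pkgadd on the result.
preinstall_check() {
    xlock_path=${1:-/usr/bin/X11/xlock}   # assumed default from section 2
    pkg_path=${2:-/usr/tmp/xcontrib_801.pkg}  # assumed default from section 4.3

    if is_setuid "$xlock_path"; then
        echo "EXPOSED: $xlock_path is setuid (workaround: chmod -s $xlock_path)"
    else
        echo "ok: $xlock_path is not setuid"
    fi

    if [ ! -f "$pkg_path" ]; then
        echo "missing: $pkg_path not found; download it to /usr/tmp first"
        return 1
    fi
    if verify_md5 "$pkg_path" "$XCONTRIB_801_MD5"; then
        echo "ok: $pkg_path matches published MD5; safe to pkgadd -d $pkg_path"
        return 0
    fi
    echo "MISMATCH: $pkg_path does not match published MD5; do not install"
    return 1
}

# Only run the driver when invoked with paths on the command line.
if [ $# -gt 0 ]; then
    preinstall_check "$@"
fi
```

Run it as `sh check_xlock.sh /usr/bin/X11/xlock /usr/tmp/xcontrib_801.pkg` and only proceed to pkgadd on exit status 0. Note that the advisory's MD5 is fetched over unauthenticated FTP alongside the package, so it guards against a corrupted download, not against a substituted one; treat it as a transfer-integrity check rather than as authentication of the fix.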