-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

______________________________________________________________________________

                        SCO Security Advisory

Subject:                UnixWare 7.1.4 UnixWare 7.1.3 UnixWare 7.1.1 : wu-ftp denial of service
Advisory number:        SCOSA-2005.28
Issue date:             2005 June 06
Cross reference:        sr893935 fz532336 erg712855 CAN-2005-0256
______________________________________________________________________________


1. Problem Description

    The wu_fnmatch function in wu_fnmatch.c for wu-ftpd 2.6.1 and 2.6.2
    allows remote attackers to cause a denial of service (CPU exhaustion
    by recursion) via a glob pattern with a large number of * (wildcard)
    characters, as demonstrated using the dir command.

    The Common Vulnerabilities and Exposures project (cve.mitre.org) has
    assigned the name CAN-2005-0256 to this issue.

2. Vulnerable Supported Versions

    System                          Binaries
    ----------------------------------------------------------------------
    UnixWare 7.1.4                  /usr/sbin/in.ftpd
    UnixWare 7.1.3                  /usr/sbin/in.ftpd
    UnixWare 7.1.1                  /usr/sbin/in.ftpd

3. Solution

    The proper solution is to install the latest packages.

4. UnixWare 7.1.4

    4.1 Location of Fixed Binaries

    ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.28

    4.2 Verification

    MD5 (erg712855.714.pkg.Z) = e774fb3a1e9be5ad88f961b95362e25c

    md5 is available for download from
        ftp://ftp.sco.com/pub/security/tools

    4.3 Installing Fixed Binaries

    Upgrade the affected binaries with the following sequence:

    Download erg712855.713.pkg.Z to the /var/spool/pkg directory

    # uncompress /var/spool/pkg/erg712855.713.pkg.Z
    # pkgadd -d /var/spool/pkg/erg712855.713.pkg

5. UnixWare 7.1.3

    5.1 Location of Fixed Binaries

    ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.28

    5.2 Verification

    MD5 (erg712855.713.pkg.Z) = 60aeba73dbb57e4979c36e222340cdc6

    md5 is available for download from
        ftp://ftp.sco.com/pub/security/tools

    5.3 Installing Fixed Binaries

    Upgrade the affected binaries with the following sequence:

    Download erg712855.713.pkg.Z to the /var/spool/pkg directory

    # uncompress /var/spool/pkg/erg712855.713.pkg.Z
    # pkgadd -d /var/spool/pkg/erg712855.713.pkg

6. UnixWare 7.1.1

    6.1 Location of Fixed Binaries

    ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.28

    6.2 Verification

    MD5 (erg712855.711.pkg.Z) = c7dd29c7fb98756a9c8e5fa0eff5e177

    md5 is available for download from
        ftp://ftp.sco.com/pub/security/tools

    6.3 Installing Fixed Binaries

    Upgrade the affected binaries with the following sequence:

    Download erg712855.711.pkg.Z to the /var/spool/pkg directory

    # uncompress /var/spool/pkg/erg712855.711.pkg.Z
    # pkgadd -d /var/spool/pkg/erg712855.711.pkg

7. References

    Specific references for this advisory:

        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0256
        http://www.idefense.com/application/poi/display?id=207&type=vulnerabilities

    SCO security resources:

        http://www.sco.com/support/security/index.html

    SCO security advisories via email

        http://www.sco.com/support/forums/security.html

    This security fix closes SCO incidents sr893935 fz532336 erg712855.

8. Disclaimer

    SCO is not responsible for the misuse of any of the information we
    provide on this website and/or through our security advisories. Our
    advisories are a service to our customers intended to promote secure
    installation and use of SCO products.

9. Acknowledgments

    SCO would like to thank Adam Zabrocki

______________________________________________________________________________

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (SCO/SYSV)

iD8DBQFCpM9BaqoBO7ipriERAhO2AJ40rgAsjtCuOafpHiKgV6NUOW2thACfdVG2
kexy3Sv4Za072j8BSAl21IU=
=/ee2
-----END PGP SIGNATURE-----
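Section 1 above describes the defect only as recursion-driven CPU exhaustion on glob patterns with many `*` characters. The following C code is an added illustration, not SCO's or wu-ftpd's code and not the fix shipped in erg712855: it shows the mitigation shape a server-side matcher can take, a non-recursive `*`/`?` matcher whose work is bounded by pattern length times string length, plus a pattern-sanity limit. `MAX_WILDCARDS`, `pattern_is_sane`, `safe_fnmatch` and `match_listing_arg` are all constructed names for this example.

```c
#include <stddef.h>

/* Upper bound on wildcard characters accepted in one listing pattern.
 * Constructed limit for this example; tune to what real clients send. */
#define MAX_WILDCARDS 16

/* Returns 1 if the pattern carries an acceptable number of wildcards,
 * 0 if it should be refused before any matching work is done. */
int pattern_is_sane(const char *pat)
{
    int wild = 0;
    for (; *pat; pat++)
        if (*pat == '*' || *pat == '?')
            wild++;
    return wild <= MAX_WILDCARDS;
}

/* Iterative '*' / '?' matcher.  Rather than recursing at every '*', it
 * remembers only the most recent '*' and how much of str that '*' has
 * absorbed, and backtracks to that single point.  Total work is at most
 * strlen(pat) * strlen(str), so a run of many '*' characters can neither
 * blow the stack nor explode the CPU budget.  Returns 1 on match. */
int safe_fnmatch(const char *pat, const char *str)
{
    const char *star = NULL;   /* pattern position just after the last '*' */
    const char *mark = NULL;   /* str position that '*' has consumed up to */

    while (*str) {
        if (*pat == '*') {
            star = ++pat;      /* skip the '*'; it matches "" for now */
            mark = str;
        } else if (*pat == '?' || *pat == *str) {
            pat++; str++;      /* literal or single-char wildcard match */
        } else if (star) {
            pat = star;        /* let the last '*' absorb one more char */
            str = ++mark;
        } else {
            return 0;          /* mismatch with no '*' to fall back on */
        }
    }
    while (*pat == '*')        /* trailing stars match the empty tail */
        pat++;
    return *pat == '\0';
}

/* Combined check as a server would apply it to a LIST/NLST argument:
 * refuse pathological patterns outright, otherwise match safely. */
int match_listing_arg(const char *pat, const char *name)
{
    if (!pattern_is_sane(pat))
        return 0;
    return safe_fnmatch(pat, name);
}
```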