______________________________________________________________________________

                        SCO Security Advisory

Subject:                OpenServer 5.0.5 OpenServer 5.0.6 : REVISED: snmpd denial-of-service vulnerabilities.
Advisory number:        CSSA-2002-SCO.25.1
Issue date:             2002 October 15
Cross reference:        CSSA-2002-SCO.25
______________________________________________________________________________


1. Problem Description

        The University of Oulu (Finland) wrote approximately 53000
        tests for snmpd error conditions. For OpenServer, many of
        the tests caused the snmp daemon to grow in size. This could
        lead to denial-of-service attacks.

        This update fixes a problem with strlcpy missing from the
        previous version for 5.0.5.

        NOTE: please remove the previous version before installing
        this new version.


2. Vulnerable Supported Versions

        System                          Binaries
        ----------------------------------------------------------------------
        OpenServer 5.0.5                /usr/lib/libsnmp.so.1
        OpenServer 5.0.6                /usr/lib/libsnmp.so.1


3. Solution

        The proper solution is to install the latest packages.


4. OpenServer 5.0.5

  4.1 Location of Fixed Binaries

        ftp://ftp.caldera.com/pub/updates/OpenServer/CSSA-2002-SCO.25.1

  4.2 Verification

        MD5 (VOL.000.000) = 64ee71be9dda2b336aa759334cf50291

        md5 is available for download from
                ftp://ftp.sco.com/pub/security/tools

  4.3 Installing Fixed Binaries

        Upgrade the affected binaries with the following sequence:

        1) Download the VOL* files to the /tmp directory

        2) Remove any previous version of this advisory (erg711930)

        3) Run the custom command, specify an install from media
           images, and specify the /tmp directory as the location of
           the images.


5. OpenServer 5.0.6

  5.1 Location of Fixed Binaries

        ftp://ftp.caldera.com/pub/updates/OpenServer/CSSA-2002-SCO.25.1

  5.2 Verification

        MD5 (VOL.000.000) = 64ee71be9dda2b336aa759334cf50291

        md5 is available for download from
                ftp://ftp.sco.com/pub/security/tools

  5.3 Installing Fixed Binaries

        Upgrade the affected binaries with the following sequence:

        1) Download the VOL* files to the /tmp directory

        2) Remove any previous version of this advisory (erg711930)

        3) Run the custom command, specify an install from media
           images, and specify the /tmp directory as the location of
           the images.


6. References

        Specific references for this advisory:

                http://www.cert.org/advisories/CA-2002-03.html

        SCO security resources:

                http://www.sco.com/support/security/index.html

        This security fix closes SCO incidents sr858202, SCO-559-1345
        and erg711930.


7. Disclaimer

        SCO is not responsible for the misuse of any of the information
        we provide on this website and/or through our security
        advisories. Our advisories are a service to our customers
        intended to promote secure installation and use of SCO
        products.


8. Acknowledgements

        This vulnerability was discovered and researched by the
        University of Oulu (oulu.fi).

______________________________________________________________________________
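The verification step in sections 4.2 and 5.2 compares the downloaded VOL.000.000 image against the MD5 published in the advisory; the script below is an added example (not SCO's md5 tool) that does that comparison before the custom install in step 3, and tolerates the differing output formats of SCO's md5, GNU md5sum and openssl. The path /tmp/VOL.000.000 is assumed from step 1 of the install sequence.

```shell
#!/bin/sh
# MD5 published in CSSA-2002-SCO.25.1 for VOL.000.000 (sections 4.2 / 5.2).
EXPECTED_MD5=64ee71be9dda2b336aa759334cf50291

# Print the 32-hex-digit MD5 of a file with whichever tool is installed.
# SCO's md5 prints "MD5 (file) = hash"; GNU md5sum prints "hash  file";
# openssl prints "MD5(file)= hash". The hash is the last field for the
# first and third forms and the first field for md5sum.
md5_of() {
    if command -v md5sum >/dev/null 2>&1; then
        md5sum "$1" | awk '{print $1}'
    elif command -v md5 >/dev/null 2>&1; then
        md5 "$1" | awk '{print $NF}'
    else
        openssl md5 "$1" | awk '{print $NF}'
    fi
}

# verify_md5 FILE EXPECTED: return 0 only if FILE exists and its MD5
# equals EXPECTED; a missing file or a mismatch returns 1 so the install
# step can be gated on it.
verify_md5() {
    file=$1
    expected=$2
    [ -f "$file" ] || { echo "missing: $file" >&2; return 1; }
    actual=$(md5_of "$file") || return 1
    if [ "$actual" = "$expected" ]; then
        echo "OK: $file"
        return 0
    fi
    echo "MISMATCH: $file (got $actual, expected $expected)" >&2
    return 1
}

# Intended use in the /tmp staging directory from step 1 (assumed path):
#   verify_md5 /tmp/VOL.000.000 "$EXPECTED_MD5" && custom
```

A mismatch means the image is corrupt or not the one the advisory describes; do not proceed to step 3 until a fresh download verifies.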