full disclosure security

Document Sample
full disclosure security Powered By Docstoc
					Full−Disclosure: [Full−Disclosure] Security Update: [CSSA−2003−006.0] Linux: CVS double free vulnerability

                [Full−Disclosure] Security Update:
            [CSSA−2003−006.0] Linux: CVS double free
                           vulnerability

    Source: http://www.derkeiler.com/Mailing−Lists/Full−Disclosure/2003−01/0266.html


    From: security@caldera.com
    Date: 01/31/03

    To: bugtraq@securityfocus.com, announce@lists.caldera.com, security−alerts@linuxsecurity.com, ful
    From: security@caldera.com
    Date: Fri, 31 Jan 2003 11:15:44 −0800




    To: bugtraq@securityfocus.com announce@lists.caldera.com security−alerts@linuxsecurity.com
    full−disclosure@lists.netsys.com

    ______________________________________________________________________________

                  SCO Security Advisory

    Subject: Linux: CVS double free vulnerability
    Advisory number: CSSA−2003−006.0
    Issue date: 2003 January 31
    Cross reference:
    ______________________________________________________________________________

    1. Problem Description

        Double−free vulnerabiity in CVS allows remote attackers to cause
        a denial of service and possibly execute arbitrary code via a
        malformed Directory request.

    2. Vulnerable Supported Versions

        System Package
        −−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−

        OpenLinux 3.1.1 Server prior to cvs−1.11−9.i386.rpm
                          prior to cvs−doc−ps−1.11−9.i386.rpm

        OpenLinux 3.1.1 Workstation prior to cvs−1.11−9.i386.rpm
                         prior to cvs−doc−ps−1.11−9.i386.rpm

        OpenLinux 3.1 Server prior to cvs−1.11−9.i386.rpm


    [Full−Disclosure] Security Update: [CSSA−2003−006.0] Linux: CVS double free vulnerability       1
Full−Disclosure: [Full−Disclosure] Security Update: [CSSA−2003−006.0] Linux: CVS double free vulnerability

                            prior to cvs−doc−ps−1.11−9.i386.rpm

         OpenLinux 3.1 Workstation prior to cvs−1.11−9.i386.rpm
                          prior to cvs−doc−ps−1.11−9.i386.rpm

    3. Solution

         The proper solution is to install the latest packages. Many
         customers find it easier to use the Caldera System Updater, called
         cupdate (or kcupdate under the KDE environment), to update these
         packages rather than downloading and installing them by hand.

    4. OpenLinux 3.1.1 Server

         4.1 Package Location

         ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA−2003−006.0/RPMS

         4.2 Packages

         e7a31e41a320f2397d23611600675d6e cvs−1.11−9.i386.rpm
         676963b0422d0cd95397de77a3b927d1 cvs−doc−ps−1.11−9.i386.rpm

         4.3 Installation

         rpm −Fvh cvs−1.11−9.i386.rpm
         rpm −Fvh cvs−doc−ps−1.11−9.i386.rpm

         4.4 Source Package Location

         ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA−2003−006.0/SRPMS

         4.5 Source Packages

         da4062b0b49efcabb47c7efb41dc5471 cvs−1.11−9.src.rpm

    5. OpenLinux 3.1.1 Workstation

         5.1 Package Location

         ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA−2003−006.0/RPMS

         5.2 Packages

         73dee39f6543079466e6d7adbac35ec6 cvs−1.11−9.i386.rpm
         129403e58ca353878b09fbbbaaccf645 cvs−doc−ps−1.11−9.i386.rpm

         5.3 Installation

         rpm −Fvh cvs−1.11−9.i386.rpm
         rpm −Fvh cvs−doc−ps−1.11−9.i386.rpm

    [Full−Disclosure] Security Update: [CSSA−2003−006.0] Linux: CVS double free vulnerability       2
Full−Disclosure: [Full−Disclosure] Security Update: [CSSA−2003−006.0] Linux: CVS double free vulnerability

        5.4 Source Package Location

        ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA−2003−006.0/SRPMS

        5.5 Source Packages

        9030ced613dc9919f78a3200ea931fdc cvs−1.11−9.src.rpm

    6. OpenLinux 3.1 Server

        6.1 Package Location

        ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Server/CSSA−2003−006.0/RPMS

        6.2 Packages

        3b3748a8bca4a972c422f43ff7745337 cvs−1.11−9.i386.rpm
        04760b87b35c2a0f72cc41ed9565b47d cvs−doc−ps−1.11−9.i386.rpm

        6.3 Installation

        rpm −Fvh cvs−1.11−9.i386.rpm
        rpm −Fvh cvs−doc−ps−1.11−9.i386.rpm

        6.4 Source Package Location

        ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Server/CSSA−2003−006.0/SRPMS

        6.5 Source Packages

        6d87ab953cd4864fe319085b3d2517db cvs−1.11−9.src.rpm

    7. OpenLinux 3.1 Workstation

        7.1 Package Location

        ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Workstation/CSSA−2003−006.0/RPMS

        7.2 Packages

        0aa2347beb3bf9e5219dfce2eedb26d8 cvs−1.11−9.i386.rpm
        a646b53a8436c880b4752566223e7156 cvs−doc−ps−1.11−9.i386.rpm

        7.3 Installation

        rpm −Fvh cvs−1.11−9.i386.rpm
        rpm −Fvh cvs−doc−ps−1.11−9.i386.rpm

        7.4 Source Package Location

        ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Workstation/CSSA−2003−006.0/SRPMS

    [Full−Disclosure] Security Update: [CSSA−2003−006.0] Linux: CVS double free vulnerability       3
Full−Disclosure: [Full−Disclosure] Security Update: [CSSA−2003−006.0] Linux: CVS double free vulnerability

         7.5 Source Packages

         6e2cf8a3b250a1373846f4d35ea958ad cvs−1.11−9.src.rpm

    8. References

         Specific references for this advisory:

              http://security.e−matters.de/advisories/012003.html
              http://cve.mitre.org/cgi−bin/cvename.cgi?name=CAN−2003−0015

         SCO security resources:

              http://www.sco.com/support/security/index.html

         This security fix closes SCO incidents sr873732, fz527185,
         erg712206.

    9. Disclaimer

         SCO is not responsible for the misuse of any of the information
         we provide on this website and/or through our security
         advisories. Our advisories are a service to our customers intended
         to promote secure installation and use of SCO products.

    10. Acknowledgements

         Stefan Esser <s.esser@e−matters.de> discovered and researched
         these vulnerabilities.

    ______________________________________________________________________________




    _______________________________________________
    Full−Disclosure − We believe in it.
    Charter: http://lists.netsys.com/full−disclosure−charter.html


          • application/pgp−signature attachment: stored




    [Full−Disclosure] Security Update: [CSSA−2003−006.0] Linux: CVS double free vulnerability       4