ncurses TERMCAP Buffer Overflow Vulnerability

Solution:
RedHat has released patches to fix this vulnerability.

FreeBSD has provided an ncurses upgrade but advises that users do the following to determine whether they are vulnerable before upgrading:

1) Download the 'scan_ncurses.sh' and 'test_ncurses.sh' scripts from

ftp://ftp.freebsd.org/pub/FreeBSD/CERT/tools/SA-00:68/scan_ncurses.sh
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/tools/SA-00:68/test_ncurses.sh

e.g. with the fetch(1) command:

# fetch ftp://ftp.freebsd.org/pub/FreeBSD/CERT/tools/SA-00:68/scan_ncurses.sh
Receiving scan_ncurses.sh (381 bytes): 100%
381 bytes transferred in 0.1 seconds (7.03 kBps)
# fetch ftp://ftp.freebsd.org/pub/FreeBSD/CERT/tools/SA-00:68/test_ncurses.sh
Receiving test_ncurses.sh (604 bytes): 100%
604 bytes transferred in 0.1 seconds (6.55 kBps)

2) Verify the MD5 checksums and compare them to the values below:

# md5 scan_ncurses.sh
MD5 (scan_ncurses.sh) = 597f63af701253f053581aa1821cbac1
# md5 test_ncurses.sh
MD5 (test_ncurses.sh) = 12491ceb15415df7682e3797de53223e

3) Run the scan_ncurses.sh script against your system:

# chmod a+x ./test_ncurses.sh
# sh scan_ncurses.sh ./test_ncurses.sh /
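
Steps 2 and 3 combined into one gate, as an added example that is not part of the FreeBSD advisory or its scripts: the scanner is started only if both downloaded files match the checksums listed in step 2. The function names (md5_of, verify_md5, run_scan) are hypothetical; the checksum values and the scan command line are the ones shown above.

```sh
#!/bin/sh
# Added example (not from the advisory): refuse to run the downloaded
# scripts unless their MD5 digests match the values published in step 2.

SCAN_MD5=597f63af701253f053581aa1821cbac1   # scan_ncurses.sh, from step 2
TEST_MD5=12491ceb15415df7682e3797de53223e   # test_ncurses.sh, from step 2

# Print the MD5 hex digest of a file: md5(1) on FreeBSD, md5sum(1) elsewhere.
md5_of() {
    if command -v md5 >/dev/null 2>&1; then
        md5 -q "$1"
    elif command -v md5sum >/dev/null 2>&1; then
        md5sum < "$1" | cut -d' ' -f1
    else
        echo "no md5 tool found" >&2
        return 2
    fi
}

# verify_md5 FILE EXPECTED
# Returns 0 on match, 1 on mismatch, 2 if the file or the tool is missing.
verify_md5() {
    [ -f "$1" ] || { echo "missing: $1" >&2; return 2; }
    actual=$(md5_of "$1") || return 2
    if [ "$actual" = "$2" ]; then
        return 0
    fi
    echo "MD5 mismatch for $1: got $actual, expected $2" >&2
    return 1
}

# run_scan DIR [ROOT]
# DIR holds the two downloaded scripts; ROOT is the tree to scan (default /).
# Nothing is made executable or run unless both checksums match.
run_scan() {
    dir=$1
    root=${2:-/}
    verify_md5 "$dir/scan_ncurses.sh" "$SCAN_MD5" || return 1
    verify_md5 "$dir/test_ncurses.sh" "$TEST_MD5" || return 1
    chmod a+x "$dir/test_ncurses.sh"
    (cd "$dir" && sh scan_ncurses.sh ./test_ncurses.sh "$root")
}

# Usage, from the directory the scripts were fetched into:
#   run_scan . /
```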

Caldera:

The proper solution is to upgrade to the fixed packages.

OpenLinux Desktop 2.3

Location of Fixed Packages

The upgrade packages can be found on Caldera's FTP site at:
ftp://ftp.calderasystems.com/pub/updates/OpenLinux/2.3/current/RPMS/
The corresponding source code package can be found at:
ftp://ftp.calderasystems.com/pub/updates/OpenLinux/2.3/current/SRPMS


RedHat ncurses-5.0-11.i386.rpm

RedHat ncurses-devel-5.0-11.i386.rpm

RedHat ncurses-5.1-2.i386.rpm

FreeBSD FreeBSD 3.5.1

FreeBSD FreeBSD 4.0

FreeBSD FreeBSD 4.1

FreeBSD FreeBSD 4.1.1 -STABLE

FreeBSD FreeBSD 4.1.1

Wirex Immunix OS 6.2

RedHat Linux 6.2 sparc

RedHat Linux 6.2 alpha

RedHat Linux 6.2 i386

RedHat Linux 7.0

Wirex Immunix OS 7.0 -Beta


 

Copyright 2010, SecurityFocus