To: bugtraq (at) securityfocus (dot) com [email concealed] announce (at) lists.caldera (dot) com [email concealed] security-alerts (at) linuxsecurity (dot) com [email concealed] full-disclosure (at) lists.netsys (dot) com [email concealed]

________________________________________________________________________
______

SCO Security Advisory

Subject: Linux: Preboot eXecution Environment (PXE) server denial-of-service attacks
Advisory number: CSSA-2002-044.0
Issue date: 2002 November 11
Cross reference:
________________________________________________________________________
______

1. Problem Description

The PXE server can be crashed by using corrupt DHCP packets.
This bug could be used to cause a denial-of-service attack.

2. Vulnerable Supported Versions

System Package
----------------------------------------------------------------------

OpenLinux 3.1.1 Server prior to pxe-0.1-33.i386.rpm

OpenLinux 3.1.1 Workstation prior to pxe-0.1-33.i386.rpm

OpenLinux 3.1 Server prior to pxe-0.1-33.i386.rpm

OpenLinux 3.1 Workstation prior to pxe-0.1-33.i386.rpm

3. Solution

The proper solution is to install the latest packages. Many
customers find it easier to use the Caldera System Updater, called
cupdate (or kcupdate under the KDE environment), to update these
packages rather than downloading and installing them by hand.

4. OpenLinux 3.1.1 Server

4.1 Package Location

ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2002-044.0/RPM
S

4.2 Packages

75380c0629500bcb6ac3185fd7f68cf9 pxe-0.1-33.i386.rpm

4.3 Installation

rpm -Fvh pxe-0.1-33.i386.rpm

4.4 Source Package Location

ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2002-044.0/SRP
MS

4.5 Source Packages

dc85c1098a2835660007665df6140570 pxe-0.1-33.src.rpm

5. OpenLinux 3.1.1 Workstation

5.1 Package Location

ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2002-044.
0/RPMS

5.2 Packages

bfb9e544055e16500098a9fd1c058a7c pxe-0.1-33.i386.rpm

5.3 Installation

rpm -Fvh pxe-0.1-33.i386.rpm

5.4 Source Package Location

ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2002-044.
0/SRPMS

5.5 Source Packages

1e6e6cdb4485ad55d7618ae59bb34f5a pxe-0.1-33.src.rpm

6. OpenLinux 3.1 Server

6.1 Package Location

ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Server/CSSA-2002-044.0/RPMS

6.2 Packages

84544318a2f9cf2f439aecf928ae3a64 pxe-0.1-33.i386.rpm

6.3 Installation

rpm -Fvh pxe-0.1-33.i386.rpm

6.4 Source Package Location

ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Server/CSSA-2002-044.0/SRPMS

6.5 Source Packages

b740f40b65ec56bbfa8c59439487f7a3 pxe-0.1-33.src.rpm

7. OpenLinux 3.1 Workstation

7.1 Package Location

ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Workstation/CSSA-2002-044.0/
RPMS

7.2 Packages

0dffc10145ab632ed3190429d445cfdf pxe-0.1-33.i386.rpm

7.3 Installation

rpm -Fvh pxe-0.1-33.i386.rpm

7.4 Source Package Location

ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Workstation/CSSA-2002-044.0/
SRPMS

7.5 Source Packages

e7f92ace6e801f23251fd00a1a76dd98 pxe-0.1-33.src.rpm

8. References

Specific references for this advisory:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0835
http://www.redhat.com/support/errata/RHSA-2002-162.html

SCO security resources:
http://www.sco.com/support/security/index.html

This security fix closes SCO incidents sr867513, fz525783,
erg501646.

9. Disclaimer

SCO is not responsible for the misuse of any of the information
we provide on this website and/or through our security
advisories. Our advisories are a service to our customers intended
to promote secure installation and use of SCO products.

________________________________________________________________________
______

[ reply ]