Subject: OpenLinux: mc Updated packages resolve local buffer overflow vulnerability
Advisory number: CSSA-2004-014.0
Issue date: 2004 March 25
Cross reference: sr889551 fz528937 erg712553 CAN-2003-1023
________________________________________________________________________
______
1. Problem Description
Stack-based buffer overflow in vfs_s_resolve_symlink of
vfs/direntry.c for Midnight Commander (mc) 4.6.0 and earlier,
and possibly later versions, allows remote attackers to
execute arbitrary code during symlink conversion.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CAN-2003-1023 to this issue.
2. Vulnerable Supported Versions
System Package
----------------------------------------------------------------------
OpenLinux 3.1.1 Server prior to mc-4.5.51-6.i386.rpm
prior to mc-doc-4.5.51-6.i386.rpm
OpenLinux 3.1.1 Workstation prior to mc-4.5.51-6.i386.rpm
prior to mc-doc-4.5.51-6.i386.rpm
3. Solution
The proper solution is to install the latest packages.
Unix users with Linux Kernel Personality can use the Caldera System
Updater, called cupdate (or kcupdate under the KDE environment),
to update these packages rather than downloading and installing
them by hand.
4. OpenLinux 3.1.1 Server
4.1 Package Location
ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2004-014.0/RPM
S
This security fix closes SCO incidents sr889551 fz528937
erg712553.
7. Disclaimer
SCO is not responsible for the misuse of any of the information
we provide on this website and/or through our security
advisories. Our advisories are a service to our customers intended
to promote secure installation and use of SCO products.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
________________________________________________________________________
______
SCO Security Advisory
Subject: OpenLinux: mc Updated packages resolve local buffer overflow vulnerability
Advisory number: CSSA-2004-014.0
Issue date: 2004 March 25
Cross reference: sr889551 fz528937 erg712553 CAN-2003-1023
________________________________________________________________________
______
1. Problem Description
Stack-based buffer overflow in vfs_s_resolve_symlink of
vfs/direntry.c for Midnight Commander (mc) 4.6.0 and earlier,
and possibly later versions, allows remote attackers to
execute arbitrary code during symlink conversion.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CAN-2003-1023 to this issue.
2. Vulnerable Supported Versions
System Package
----------------------------------------------------------------------
OpenLinux 3.1.1 Server prior to mc-4.5.51-6.i386.rpm
prior to mc-doc-4.5.51-6.i386.rpm
OpenLinux 3.1.1 Workstation prior to mc-4.5.51-6.i386.rpm
prior to mc-doc-4.5.51-6.i386.rpm
3. Solution
The proper solution is to install the latest packages.
Unix users with Linux Kernel Personality can use the Caldera System
Updater, called cupdate (or kcupdate under the KDE environment),
to update these packages rather than downloading and installing
them by hand.
4. OpenLinux 3.1.1 Server
4.1 Package Location
ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2004-014.0/RPM
S
4.2 Packages
683f2374c3602c3d4680d033da405a91 mc-4.5.51-6.i386.rpm
1d1737ac2576c2571cfc6132d31ca89a mc-doc-4.5.51-6.i386.rpm
4.3 Installation
rpm -Fvh mc-4.5.51-6.i386.rpm
rpm -Fvh mc-doc-4.5.51-6.i386.rpm
4.4 Source Package Location
ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2004-014.0/SRP
MS
4.5 Source Packages
728be58503d28303c1446b1954d85340 mc-4.5.51-6.src.rpm
5. OpenLinux 3.1.1 Workstation
5.1 Package Location
ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2004-014.
0/RPMS
5.2 Packages
936ff3ee57f8bee7ccb96581ccdeca63 mc-4.5.51-6.i386.rpm
126a8cc66def304a321bc4dad071bc4a mc-doc-4.5.51-6.i386.rpm
5.3 Installation
rpm -Fvh mc-4.5.51-6.i386.rpm
rpm -Fvh mc-doc-4.5.51-6.i386.rpm
5.4 Source Package Location
ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2004-014.
0/SRPMS
5.5 Source Packages
98f3e31a702d2e890f9781753429d2dc mc-4.5.51-6.src.rpm
6. References
Specific references for this advisory:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-1023
SCO security resources:
http://www.sco.com/support/security/index.html
This security fix closes SCO incidents sr889551 fz528937
erg712553.
7. Disclaimer
SCO is not responsible for the misuse of any of the information
we provide on this website and/or through our security
advisories. Our advisories are a service to our customers intended
to promote secure installation and use of SCO products.
8. Acknowledgements
SCO would like to thank Ilya Teterin
________________________________________________________________________
______
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (SCO/UNIX_SVR5)
iD8DBQFAY2IebluZssSXDTERAutPAKCYgjPEb/nv3Z+SpCxBLk/TrphuvQCcCDSg
/Kv/+sBl46snE5KypyrwvS4=
=8D7F
-----END PGP SIGNATURE-----
[ reply ]