Home page logo

bugtraq logo Bugtraq mailing list archives

Security Update: [CSSA-2001-SCO.4] UnixWare: uucp utilities buffer overflows
From: sco-security () caldera com
Date: Wed, 27 Jun 2001 17:52:26 -0700

To: bugtraq () securityfocus com security-announce () lists securityportal com


            Caldera International, Inc. Security Advisory

Subject:                UnixWare - uucp utilities buffer overflows
Advisory number:        CSSA-2001-SCO.4
Issue date:             2001 June, 27
Cross reference:

1. Problem Description

        The uucp utilities are vulnerable to command line argument
        buffer overflows. These could allow a process to execute
        arbitrary code, allowing a malicious user to gain elevated

2. Vulnerable Versions

        Operating System        Version         Affected Files
        UnixWare 7              All             /usr/bin/uucp

3. Workaround


4. UnixWare 7

  4.1 Location of Fixed Binaries


  4.2 Verification

        md5 checksums:
        e93266c02e2bd2f71b9675847fd9a7b5        erg711716a.Z

        md5 is available for download from


  4.3 Installing Fixed Binaries

        Upgrade the affected binaries with the following commands:

        # uncompress /tmp/erg711716a.Z
        # pkgadd -d /tmp/erg711716a

5. References


6. Disclaimer

        Caldera International, Inc. is not responsible for the misuse
        of any of the information we provide on our website and/or
        through our security advisories. Our advisories are a service
        to our customers intended to promote secure installation and
        use of Caldera International, Inc. products.


Attachment: _bin

  By Date           By Thread  

Current thread:
  • Security Update: [CSSA-2001-SCO.4] UnixWare: uucp utilities buffer overflows sco-security (Jun 28)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]