
Security Update: [CSSA-2002-SCO.5.1] REVISION: Open UNIX, UnixWare 7, OpenServer: encrypted password disclosure
From: security () caldera com
Date: Mon, 18 Feb 2002 09:49:16 -0800

To: bugtraq () securityfocus com announce () lists caldera com scoannmod () xenitec on ca 

___________________________________________________________________________

            Caldera International, Inc. Security Advisory

Subject:                REVISION: Open UNIX, UnixWare 7, OpenServer: encrypted password disclosure
Advisory number:        CSSA-2002-SCO.5.1
Issue date:             2002 February 16
Cross reference:        CSSA-2001-SCO.5
___________________________________________________________________________


1. Problem Description

        The first version of this advisory (CSSA-2001-SCO.5) named a file
        that was indeed readable by other users and did contain the
        encrypted root password, but the directories leading up to it
        were not searchable by others, so a non-root user could not open
        it. It was therefore not a true vulnerability. On further
        research, Caldera has found other files that are accessible to
        other users and do contain information that could be used to
        compromise the system's security.

        After installation of the product, several files are left
        readable by all users. These files contain, among other things,
        encrypted (hashed) passwords, which any local user can copy and
        attack offline.


2. Vulnerable Supported Versions

        Operating System        Version         Affected Files
        ------------------------------------------------------------------
        UnixWare 7              All             /usr/ns-home/admserv/admpw 
                                                /usr/internet/httpd/admserv/admpw
        Open UNIX               8.0.0           /usr/ns-home/admserv/admpw
                                                /usr/internet/httpd/admserv/admpw
                                                /var/sadm/pkg/update800/install/morepkgs/scripts/debug.out
        OpenServer              All             /var/opt/K/SCO/link/*/.softmgmt/ccsPersistent/cqs.save.file
                                                /var/opt/K/SCO/Vidconf/*/.softmgmt/ccsPersistent/iqm_file


3. Solution

        3.1 UnixWare 7

                Caldera  recommends  that all  affected systems change
                the  file modes of the following files to  be readable
                only by root:

                # chmod 400 /usr/ns-home/admserv/admpw
                # chmod 400 /usr/internet/httpd/admserv/admpw

                In addition,  Caldera also recommends that you  change
                the root and owner passwords.

        3.2 Open UNIX

                Caldera  recommends  that all  affected systems change
                the  file modes of the following files to  be readable
                only by root:

                # chmod 400 /usr/ns-home/admserv/admpw
                # chmod 400 /usr/internet/httpd/admserv/admpw
                # chmod 400 /var/sadm/pkg/update800/install/morepkgs/scripts/debug.out

                In addition,  Caldera also recommends that you  change
                the root and owner passwords.

        3.3 OpenServer

                Caldera  recommends that  all affected systems  change
                the file  modes of the  following files to be readable
                only by root:

                # chmod 400 /var/opt/K/SCO/link/*/.softmgmt/ccsPersistent/cqs.save.file
                # chmod 400 /var/opt/K/SCO/Vidconf/*/.softmgmt/ccsPersistent/iqm_file

                In addition,  Caldera also recommends that  you change
                the root password.

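The three fixes above are the same operation on different path lists, and section 1 shows the check that matters: a world-readable file is only exposed when every directory above it is also searchable by others. The script below is an added example, not Caldera's code. It walks the parent directories before deciding a file is exposed, applies the chmod 400 from the advisory, and audits the advisory's own file list when run with no arguments. The helper names (mode_of, classify, harden, build_fixture) and the fixture contents are my own; the paths are those listed in section 2.

```shell
#!/bin/sh
# Audit the files named in CSSA-2002-SCO.5.1 for exposure to unprivileged
# users. Added example, not Caldera's code; helper names are my own.
#
# A world-readable file is reachable only if every directory above it is
# searchable (x bit) by others, so classify() walks the parents instead of
# looking at the file's own mode alone.

# First ten characters of "ls -ld" output, e.g. "-rw-r--r--" or "drwxr-x---".
# ls -l exists on every SysV and Linux system, unlike stat(1).
mode_of() {
    ls -ld "$1" | cut -c1-10
}

# 0 if "other" may search directory $1 (position 10 is x, or t = x+sticky).
other_can_search() {
    case "$(mode_of "$1")" in
        d????????[xt]) return 0 ;;
        *)             return 1 ;;
    esac
}

# 0 if "other" may read file $1 (position 8 is r).
other_can_read() {
    case "$(mode_of "$1")" in
        ???????r??) return 0 ;;
        *)          return 1 ;;
    esac
}

# classify FILE [TOP]: print one word describing FILE. Parent directories
# are checked from FILE up to, but not including, TOP (default /).
#   exposed  - other-readable and every parent directory other-searchable
#   shielded - other-readable, but a parent directory blocks the path
#              (the case the first advisory mistook for a vulnerability)
#   safe     - not other-readable
#   missing  - does not exist (product or package not installed)
classify() {
    f=$1
    top=${2:-/}
    [ -e "$f" ] || { echo missing; return 0; }
    other_can_read "$f" || { echo safe; return 0; }
    d=$(dirname "$f")
    while [ "$d" != "$top" ] && [ "$d" != / ] && [ "$d" != . ]; do
        other_can_search "$d" || { echo shielded; return 0; }
        d=$(dirname "$d")
    done
    echo exposed
}

# The advisory's fix: owner-read only. chmod cannot change the owner, so
# "readable only by root" additionally requires that root owns the file.
harden() {
    chmod 400 "$1"
    [ "$(ls -ld "$1" | awk '{print $3}')" = root ] ||
        echo "warning: $1 not owned by root; chown root before relying on 400" >&2
}

# Constructed fixture (not real product data): two copies of admpw, one
# below a 755 chain and one below a 700 directory, as in section 1.
build_fixture() {
    base=$(mktemp -d)
    mkdir -p "$base/open/admserv" "$base/closed/admserv"
    for p in "$base/open/admserv/admpw" "$base/closed/admserv/admpw"; do
        printf 'admin:%s\n' 'not-a-real-hash' > "$p"
        chmod 644 "$p"
    done
    chmod 755 "$base" "$base/open" "$base/open/admserv" "$base/closed/admserv"
    chmod 700 "$base/closed"
    echo "$base"
}

# With no arguments, audit the advisory's own list (the shell expands the
# OpenServer globs); otherwise audit the paths given on the command line.
if [ "$#" -eq 0 ]; then
    set -- /usr/ns-home/admserv/admpw \
           /usr/internet/httpd/admserv/admpw \
           /var/sadm/pkg/update800/install/morepkgs/scripts/debug.out \
           /var/opt/K/SCO/link/*/.softmgmt/ccsPersistent/cqs.save.file \
           /var/opt/K/SCO/Vidconf/*/.softmgmt/ccsPersistent/iqm_file
fi
for p in "$@"; do
    printf '%-9s %s\n' "$(classify "$p")" "$p"
done
```

Run it as root on an affected host; any line reporting "exposed" is a file to pass to harden. A "shielded" result still deserves the chmod, since a later change to a parent directory's mode would expose the file without anyone touching it. Note that chmod 400 only restricts the file to its owner: if the owner is not root, the file is not "readable only by root" until it is chowned, which is why harden checks the owner column.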
        
4. References

        ftp://stage.caldera.com/pub/security/openunix/CSSA-2002-SCO.5.1/

        This and other advisories are located at
                http://stage.caldera.com/support/security

        This advisory  addresses  Caldera Security  internal  incident
        sr860350.


5. Disclaimer

        Caldera International, Inc.  is not responsible for the misuse
        of any  of the  information we provide on  our website  and/or
        through our security advisories.  Our advisories are a service
        to our  customers intended  to promote secure installation and
        use of Caldera International products.


6. Acknowledgements

        Caldera  wishes  to  thank  the  efforts  of   Derryle   Gogel
        <gogeld () citifinancial com>,   who   gave  us  the  impetus  to
        investigate this issue more thoroughly.

         
___________________________________________________________________________
