Home page logo
/

bugtraq logo Bugtraq mailing list archives

Security Update: [CSSA-2003-015.0] Linux: apcupsd remote root vulnerability and buffer overflows
From: security () sco com
Date: Tue, 25 Mar 2003 13:19:53 -0800

To: bugtraq () securityfocus com announce () lists caldera com security-alerts () linuxsecurity com


______________________________________________________________________________

                        SCO Security Advisory

Subject:                Linux: apcupsd remote root vulnerability and buffer overflows
Advisory number:        CSSA-2003-015.0
Issue date:             2003 March 25
Cross reference:
______________________________________________________________________________


1. Problem Description

        From the CVE candidate desciptions:

        A vulnerability in apcupsd allows remote attackers to gain
        root privileges, possibly via format strings in a request to a
        slave server.

        Multiple buffer overflows in apcupsd may allow attackers to
        cause a denial of service or execute arbitrary code, related
        to usage of the vsprintf function.


2. Vulnerable Supported Versions

        System                          Package
        ----------------------------------------------------------------------

        OpenLinux 3.1.1 Server          prior to apcupsd-3.8.6-1.i386.rpm
                                        prior to apcupsd-cgi-3.8.6-1.i386.rpm
                                        prior to apcupsd-powerflute-3.8.6-1.i386.rpm

        OpenLinux 3.1 Server            prior to apcupsd-3.8.6-1.i386.rpm
                                        prior to apcupsd-cgi-3.8.6-1.i386.rpm
                                        prior to apcupsd-powerflute-3.8.6-1.i386.rpm


3. Solution

        The proper solution is to install the latest packages. Many
        customers find it easier to use the Caldera System Updater, called
        cupdate (or kcupdate under the KDE environment), to update these
        packages rather than downloading and installing them by hand.


4. OpenLinux 3.1.1 Server

        4.1 Package Location

        ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2003-015.0/RPMS

        4.2 Packages

        a2c0d41800f62383c65f77858f0c3898        apcupsd-3.8.6-1.i386.rpm
        13800369e6a5712eb02f00514e05eaf0        apcupsd-cgi-3.8.6-1.i386.rpm
        c6744b9f001474a9bb1dd9f59d3edbcd        apcupsd-powerflute-3.8.6-1.i386.rpm

        4.3 Installation

        rpm -Fvh apcupsd-3.8.6-1.i386.rpm
        rpm -Fvh apcupsd-cgi-3.8.6-1.i386.rpm
        rpm -Fvh apcupsd-powerflute-3.8.6-1.i386.rpm

        4.4 Source Package Location

        ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2003-015.0/SRPMS

        4.5 Source Packages

        2efb5f90e0c02ffc08340308d29bc1bf        apcupsd-3.8.6-1.src.rpm


5. OpenLinux 3.1 Server

        5.1 Package Location

        ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Server/CSSA-2003-015.0/RPMS

        5.2 Packages

        2c04bd609f4b1949c56556719928ff50        apcupsd-3.8.6-1.i386.rpm
        048ad400cb7c9a80ba16798ecde20c4a        apcupsd-cgi-3.8.6-1.i386.rpm
        d8de392566a69a95f5e230af51918839        apcupsd-powerflute-3.8.6-1.i386.rpm

        5.3 Installation

        rpm -Fvh apcupsd-3.8.6-1.i386.rpm
        rpm -Fvh apcupsd-cgi-3.8.6-1.i386.rpm
        rpm -Fvh apcupsd-powerflute-3.8.6-1.i386.rpm

        5.4 Source Package Location

        ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Server/CSSA-2003-015.0/SRPMS

        5.5 Source Packages

        1d6fcff1a24702cc60ec0779a6512e0a        apcupsd-3.8.6-1.src.rpm


6. References

        Specific references for this advisory:

                http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0098
                http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0099

        SCO security resources:

                http://www.sco.com/support/security/index.html

        This security fix closes SCO incidents sr876044, fz527560,
        erg712268.


7. Disclaimer

        SCO is not responsible for the misuse of any of the information
        we provide on this website and/or through our security
        advisories. Our advisories are a service to our customers intended
        to promote secure installation and use of SCO products.


8. Acknowledgements

        Highspeed Junkie (http://hsj.shadowpenguin.org/) discovered
        and researched the slave server vulnerability.

______________________________________________________________________________

Attachment: _bin
Description:


  By Date           By Thread  

Current thread:
  • Security Update: [CSSA-2003-015.0] Linux: apcupsd remote root vulnerability and buffer overflows security (Mar 25)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]