Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Security Update: [CSSA-2002-057.0] Linux: groff pic buffer overflow
From: security () caldera com
Date: Fri, 6 Dec 2002 16:30:34 -0800

To: bugtraq () securityfocus com announce () lists caldera com security-alerts () linuxsecurity com full-disclosure () 
lists netsys com


______________________________________________________________________________

                        SCO Security Advisory

Subject:                Linux: groff pic buffer overflow
Advisory number:        CSSA-2002-057.0
Issue date:             2002 December 06
Cross reference:
______________________________________________________________________________


1. Problem Description

        groff pic(1) has a buffer overrun in argument handling. The
        problem could be remotely exploited depending on the lpd(8) setup.


2. Vulnerable Supported Versions

        System                          Package
        ----------------------------------------------------------------------

        OpenLinux 3.1.1 Server          prior to groff-1.17.2-3.i386.rpm
                                        prior to groff-dvi-1.17.2-3.i386.rpm
                                        prior to groff-gxditview-1.17.2-3.i386.rpm
                                        prior to groff-lj4-1.17.2-3.i386.rpm
                                        prior to groff-misc-1.17.2-3.i386.rpm
                                        prior to groff-ps-1.17.2-3.i386.rpm

        OpenLinux 3.1.1 Workstation     prior to groff-1.17.2-3.i386.rpm
                                        prior to groff-dvi-1.17.2-3.i386.rpm
                                        prior to groff-gxditview-1.17.2-3.i386.rpm
                                        prior to groff-lj4-1.17.2-3.i386.rpm
                                        prior to groff-misc-1.17.2-3.i386.rpm
                                        prior to groff-ps-1.17.2-3.i386.rpm

        OpenLinux 3.1 Server            prior to groff-1.17.2-3.i386.rpm
                                        prior to groff-dvi-1.17.2-3.i386.rpm
                                        prior to groff-gxditview-1.17.2-3.i386.rpm
                                        prior to groff-lj4-1.17.2-3.i386.rpm
                                        prior to groff-misc-1.17.2-3.i386.rpm
                                        prior to groff-ps-1.17.2-3.i386.rpm

        OpenLinux 3.1 Workstation       prior to groff-1.17.2-3.i386.rpm
                                        prior to groff-dvi-1.17.2-3.i386.rpm
                                        prior to groff-gxditview-1.17.2-3.i386.rpm
                                        prior to groff-lj4-1.17.2-3.i386.rpm
                                        prior to groff-misc-1.17.2-3.i386.rpm
                                        prior to groff-ps-1.17.2-3.i386.rpm


3. Solution

        The proper solution is to install the latest packages. Many
        customers find it easier to use the Caldera System Updater, called
        cupdate (or kcupdate under the KDE environment), to update these
        packages rather than downloading and installing them by hand.


4. OpenLinux 3.1.1 Server

        4.1 Package Location

        ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2002-057.0/RPMS

        4.2 Packages

        97cde53f8a034e27c157787233fa7a82        groff-1.17.2-3.i386.rpm
        1f4f7c5c7c9bfe5ba26d9d7c86ca2f1c        groff-dvi-1.17.2-3.i386.rpm
        41a8769b87457634e80f2d17e548c616        groff-gxditview-1.17.2-3.i386.rpm
        02a850bb6b19a6a2e3d01b04bf78daa7        groff-lj4-1.17.2-3.i386.rpm
        bfbbc855cdbe94f96b62e94ffdc5888f        groff-misc-1.17.2-3.i386.rpm
        3ab443231dbad7ade9bbd326994fdfcc        groff-ps-1.17.2-3.i386.rpm

        4.3 Installation

        rpm -Fvh groff-1.17.2-3.i386.rpm
        rpm -Fvh groff-dvi-1.17.2-3.i386.rpm
        rpm -Fvh groff-gxditview-1.17.2-3.i386.rpm
        rpm -Fvh groff-lj4-1.17.2-3.i386.rpm
        rpm -Fvh groff-misc-1.17.2-3.i386.rpm
        rpm -Fvh groff-ps-1.17.2-3.i386.rpm

        4.4 Source Package Location

        ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2002-057.0/SRPMS

        4.5 Source Packages

        15053a07e89f2942bad9ad5b488c41fe        groff-1.17.2-3.src.rpm


5. OpenLinux 3.1.1 Workstation

        5.1 Package Location

        ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2002-057.0/RPMS

        5.2 Packages

        08e9e164e48ffd2c78615626d5ce3522        groff-1.17.2-3.i386.rpm
        4460abd26d248c085e6c585aec7f9e21        groff-dvi-1.17.2-3.i386.rpm
        760ae3d622edcad7b02b624ec476b40b        groff-gxditview-1.17.2-3.i386.rpm
        27b39c6715d3e48003f28bced286d4d7        groff-lj4-1.17.2-3.i386.rpm
        8e9dd615b204e90442dd43dbeec451c4        groff-misc-1.17.2-3.i386.rpm
        e190652ae7ca2114030c84695df9e8ed        groff-ps-1.17.2-3.i386.rpm

        5.3 Installation

        rpm -Fvh groff-1.17.2-3.i386.rpm
        rpm -Fvh groff-dvi-1.17.2-3.i386.rpm
        rpm -Fvh groff-gxditview-1.17.2-3.i386.rpm
        rpm -Fvh groff-lj4-1.17.2-3.i386.rpm
        rpm -Fvh groff-misc-1.17.2-3.i386.rpm
        rpm -Fvh groff-ps-1.17.2-3.i386.rpm

        5.4 Source Package Location

        ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2002-057.0/SRPMS

        5.5 Source Packages

        4acd593c12f55c6c7795012f84f3623a        groff-1.17.2-3.src.rpm


6. OpenLinux 3.1 Server

        6.1 Package Location

        ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Server/CSSA-2002-057.0/RPMS

        6.2 Packages

        946532956ed956cf42b332700868e4bc        groff-1.17.2-3.i386.rpm
        d2bc6dd3aeeed36c90e14c0d46aa2b32        groff-dvi-1.17.2-3.i386.rpm
        13f990458b949b7df79db98050d92559        groff-gxditview-1.17.2-3.i386.rpm
        c18d911b5d99d426580d4218873a8d57        groff-lj4-1.17.2-3.i386.rpm
        7a9aaa904516e2e0ffa5b01ea980b83f        groff-misc-1.17.2-3.i386.rpm
        ea9b3c243df36e9296ac83a65273de8e        groff-ps-1.17.2-3.i386.rpm

        6.3 Installation

        rpm -Fvh groff-1.17.2-3.i386.rpm
        rpm -Fvh groff-dvi-1.17.2-3.i386.rpm
        rpm -Fvh groff-gxditview-1.17.2-3.i386.rpm
        rpm -Fvh groff-lj4-1.17.2-3.i386.rpm
        rpm -Fvh groff-misc-1.17.2-3.i386.rpm
        rpm -Fvh groff-ps-1.17.2-3.i386.rpm

        6.4 Source Package Location

        ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Server/CSSA-2002-057.0/SRPMS

        6.5 Source Packages

        6cf0963d7198051216a47f0e58bf5872        groff-1.17.2-3.src.rpm


7. OpenLinux 3.1 Workstation

        7.1 Package Location

        ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Workstation/CSSA-2002-057.0/RPMS

        7.2 Packages

        8e140f667d10307b46e997a549cb9d48        groff-1.17.2-3.i386.rpm
        4e0d4ce0a07867813444e3b11c78582a        groff-dvi-1.17.2-3.i386.rpm
        5f66f8e114051363176a8c76b7129c91        groff-gxditview-1.17.2-3.i386.rpm
        3b095e1cb90d8bd9514240e14e6a60a9        groff-lj4-1.17.2-3.i386.rpm
        a86a1ad1879fd5c16535fd556ee8c9c9        groff-misc-1.17.2-3.i386.rpm
        f14fb8511b91801c3adadd1681e68d98        groff-ps-1.17.2-3.i386.rpm

        7.3 Installation

        rpm -Fvh groff-1.17.2-3.i386.rpm
        rpm -Fvh groff-dvi-1.17.2-3.i386.rpm
        rpm -Fvh groff-gxditview-1.17.2-3.i386.rpm
        rpm -Fvh groff-lj4-1.17.2-3.i386.rpm
        rpm -Fvh groff-misc-1.17.2-3.i386.rpm
        rpm -Fvh groff-ps-1.17.2-3.i386.rpm

        7.4 Source Package Location

        ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Workstation/CSSA-2002-057.0/SRPMS

        7.5 Source Packages

        d7697033c30c1c8027bdaf6fb2cc0e4a        groff-1.17.2-3.src.rpm


8. References

        Specific references for this advisory:

                http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0003
                http://online.securityfocus.com/bid/3103

        SCO security resources:

                http://www.sco.com/support/security/index.html

        This security fix closes SCO incidents sr870253, fz526301,
        erg712142.


9. Disclaimer

        SCO is not responsible for the misuse of any of the information
        we provide on this website and/or through our security
        advisories. Our advisories are a service to our customers intended
        to promote secure installation and use of SCO products.


10. Acknowledgements

        zen-parse discovered and investigated this vulnerability.

______________________________________________________________________________

Attachment: _bin
Description:


  By Date           By Thread  

Current thread:
  • Security Update: [CSSA-2002-057.0] Linux: groff pic buffer overflow security (Dec 07)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]