[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Full-disclosure] SCOSA-2005.60 UnixWare 7.1.3 UnixWare 7.1.4 : Tcpdump Denial of Service
- To: security-announce@xxxxxxxxxxxx
- Subject: [Full-disclosure] SCOSA-2005.60 UnixWare 7.1.3 UnixWare 7.1.4 : Tcpdump Denial of Service
- From: security@xxxxxxx
- Date: Fri, 16 Dec 2005 19:36:44 -0500 (EST)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
______________________________________________________________________________
SCO Security Advisory
Subject: UnixWare 7.1.3 UnixWare 7.1.4 : Tcpdump Denial of
Service
Advisory number: SCOSA-2005.60
Issue date: 2005 December 16
Cross reference: sr893915 erg712849 fz532314
CVE-2005-1278 CVE-2005-1279 CVE-2005-1280
______________________________________________________________________________
1. Problem Description
Various flaws in tcpdump can allow remote attackers to cause
denial of service.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the following names to these issue: CVE-2005-1278,
CVE-2005-1279, CVE-2005-1280.
2. Vulnerable Supported Versions
System Binaries
----------------------------------------------------------------------
UnixWare 7.1.3 /usr/sbin/tcpdump
UnixWare 7.1.4 /usr/sbin/tcpdump
3. Solution
The proper solution is to install the latest packages.
4. UnixWare 7.1.3
4.1 Location of Fixed Binaries
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.60
4.2 Verification
MD5 (p532314.image) = 065c23a3c5f662f5bbf9a1f34a6fbeba
md5 is available for download from
ftp://ftp.sco.com/pub/security/tools
4.3 Installing Fixed Binaries
The following package should be installed on your
system before you install this fix:
UnixWare 7.1.3 Maintenance Pack 5
Upgrade the affected binaries with the following sequence:
Download p532314.image to the /var/spool/pkg directory.
# pkgadd -d /var/spool/pkg/p532314.image
5. UnixWare 7.1.4
5.1 Location of Fixed Binaries
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.60
5.2 Verification
MD5 (p532314.image) = 065c23a3c5f662f5bbf9a1f34a6fbeba
md5 is available for download from
ftp://ftp.sco.com/pub/security/tools
5.3 Installing Fixed Binaries
The following package should be installed on your
system before you install this fix:
UnixWare 7.1.4 Maintenance Pack 2
Upgrade the affected binaries with the following sequence:
Download p532314.image to the /var/spool/pkg directory.
# pkgadd -d /var/spool/pkg/p532314.image
6. References
Specific references for this advisory:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1278
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1279
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1280
SCO security resources:
http://www.sco.com/support/security/index.html
SCO security advisories via email
http://www.sco.com/support/forums/security.html
This security fix closes SCO incidents sr893915 erg712849
fz532314.
7. Disclaimer
SCO is not responsible for the misuse of any of the information
we provide on this website and/or through our security
advisories. Our advisories are a service to our customers
intended to promote secure installation and use of SCO
products.
______________________________________________________________________________
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (UnixWare)
iD8DBQFDo1jMaqoBO7ipriERApNVAJ43066O/0OGdxsSHxzd6aba+2jZFQCgnKOT
jNeLmBn/yj5Hua+4eVnG4gU=
=hsOH
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/