[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] SCOSA-2005.63 OpenServer 5.0.6 OpenServer 5.0.7 OpenServer 6.0.0 : wu-ftp Denial of Service Vulnerability

To: security-announce@xxxxxxxxxxxx
Subject: [Full-disclosure] SCOSA-2005.63 OpenServer 5.0.6 OpenServer 5.0.7 OpenServer 6.0.0 : wu-ftp Denial of Service Vulnerability
From: security@xxxxxxx
Date: Wed, 21 Dec 2005 11:34:42 -0500 (EST)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

______________________________________________________________________________

                        SCO Security Advisory

Subject:                OpenServer 5.0.6 OpenServer 5.0.7 OpenServer 6.0.0 : 
wu-ftp Denial of Service Vulnerability
Advisory number:        SCOSA-2005.63
Issue date:             2005 December 21
Cross reference:        sr893936 fz532335 erg712856
                        sr895049 fz533027 erg712952
                        CVE-2005-0256
______________________________________________________________________________


1. Problem Description

        The wu_fnmatch function in wu_fnmatch.c allows remote attackers
        to cause a denial of service (CPU exhaustion by recursion) via a
        glob pattern with a large number of * (wildcard) characters, as
        demonstrated using the dir command.

        The Common Vulnerabilities and Exposures project (cve.mitre.org)
        has assigned the following name CVE-2005-0256 to this issue.


2. Vulnerable Supported Versions

        System                          Binaries
        ----------------------------------------------------------------------
        OpenServer 5.0.6                /etc/ftpd
        OpenServer 5.0.7                /etc/ftpd
        OpenServer 6.0.0                /etc/ftpd


3. Solution

        The proper solution is to install the latest packages.


4. OpenServer 5.0.6

        4.1 Location of Fixed Binaries

        ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.63


    4.2 Verification

        MD5 (p532335.506_vol.tar) = 89ea2ed1f88da6721bd73c3889f9ac0c

        md5 is available for download from
                ftp://ftp.sco.com/pub/security/tools


    4.3 Installing Fixed Binaries

        The following package should be installed on your system before you
        install this fix:

                OSS646C

        Upgrade the affected binaries with the following sequence:

        1) Download p532335.506_vol.tar to a directory.

        2) Extract VOL* files.

           # tar xvf p532335.506_vol.tar

        3) Run the custom command, specify an install
           from media images, and specify the directory as
           the location of the images.


5. OpenServer 5.0.7

        5.1 Location of Fixed Binaries

        The fixes are only available in SCO OpenServer Release 5.0.7
        Maintenance Pack 4 or later.

        ftp://ftp.sco.com/pub/openserver5/507/mp/osr507mp4/osr507mp4_vol.tar


    5.2 Verification

        MD5 (osr507mp4_vol.tar) = 4c87d840ff5b43221258547d19030228

        md5 is available for download from
                ftp://ftp.sco.com/pub/security/tools


    5.3 Installing Fixed Binaries

        See the SCO OpenServer Release 5.0.7 Maintenance Pack 4 Release
        and Installation Notes:

        ftp://ftp.sco.com/pub/openserver5/507/mp/osr507mp4/osr507mp4.htm


6. OpenServer 6.0.0

        6.1 Location of Fixed Binaries

        ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.63


    6.2 Verification

        MD5 (p533027.600_vol.tar) = d939cb729d115c9bef2d2032903f2125

        md5 is available for download from
                ftp://ftp.sco.com/pub/security/tools


    6.3 Installing Fixed Binaries

        Upgrade the affected binaries with the following sequence:

        1) Download p533027.600_vol.tar to a directory.

        2) Extract VOL* files.

           # tar xvf p533027.600_vol.tar

        3) Run the custom command, specify an install
           from media images, and specify the directory as
           the location of the images.


7. References

        Specific references for this advisory:
                http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0256
                
http://www.idefense.com/application/poi/display?id=207&type=vulnerabilities

        SCO security resources:
                http://www.sco.com/support/security/index.html

        SCO security advisories via email
                http://www.sco.com/support/forums/security.html

        This security fix closes SCO incidents sr893936 fz532335
        erg712856 sr895049 fz533027 erg712952.


8. Disclaimer

        SCO is not responsible for the misuse of any of the information
        we provide on this website and/or through our security
        advisories. Our advisories are a service to our customers
        intended to promote secure installation and use of SCO
        products.


9. Acknowledgments

        SCO would like to thank Adam Zabrocki.

______________________________________________________________________________
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (UnixWare)

iD8DBQFDqYDTaqoBO7ipriERAtzOAJ0ctD8xRYQrLkkgyHsMqCvfQdPBFQCeIgx7
xqqmzQCNiw6t+WtSL5rqo4E=
=ha4X
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- Re: [Full-disclosure] SCOSA-2005.63 OpenServer 5.0.6 OpenServer 5.0.7 OpenServer 6.0.0 : wu-ftp Denial of Service Vulnerability
  - From: KF (lists)

Prev by Date: Re: [Full-disclosure] new attack technique? using JavaScript+XML+OWS Post Data
Next by Date: Re: [Full-disclosure] XSS vulnerabilities in Google.com
Previous by thread: [Full-disclosure] Alternate take on list trolls
Next by thread: Re: [Full-disclosure] SCOSA-2005.63 OpenServer 5.0.6 OpenServer 5.0.7 OpenServer 6.0.0 : wu-ftp Denial of Service Vulnerability
Index(es):
- Date
- Thread