===================================================================== CERT-Renater Note d'Information No. 2006/VULN072 _____________________________________________________________________ DATE : 23/02/2006 HARDWARE PLATFORM(S) : / OPERATING SYSTEM(S) : UnixWare 7.1.3, UnixWare 7.1.4. ====================================================================== ______________________________________________________________________________ SCO Security Advisory Subject: UnixWare 7.1.3 UnixWare 7.1.4 : Setuid ptrace Local Privilege Escalation Vulnerability Advisory number: SCOSA-2006.9 Issue date: 2006 February 21 Cross reference: fz533176 CVE-2005-2934 ______________________________________________________________________________ 1. Problem Description A local user can exploit the ptrace() system call to gain root privileges. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-2934 to this issue. 2. Vulnerable Supported Versions System Binaries ---------------------------------------------------------------------- UnixWare 7.1.3 /etc/conf/pack.d/sum/Driver_atup.o /etc/conf/pack.d/sum/Driver_mp.o UnixWare 7.1.4 /etc/conf/pack.d/sum/Driver_atup.o /etc/conf/pack.d/sum/Driver_mp.o 3. Solution The proper solution is to install the latest packages. 4. UnixWare 7.1.3 4.1 Location of Fixed Binaries ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.9 4.2 Verification a31512eee4940c6ba048a1b1878ac4fc p533176.713.image md5 is available for download from ftp://ftp.sco.com/pub/security/tools 4.3 Installing Fixed Binaries Upgrade the affected binaries with the following sequence: Download p533176.713.image to the /var/spool/pkg directory # pkgadd -d /var/spool/pkg/p533176.713.image 5. UnixWare 7.1.4 5.1 Location of Fixed Binaries ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.9 5.2 Verification 1b8fa986357036a8be043b642cc47e56 p533176.714.image md5 is available for download from ftp://ftp.sco.com/pub/security/tools 5.3 Installing Fixed Binaries Upgrade the affected binaries with the following sequence: Download p533176.714.image to the /var/spool/pkg directory # pkgadd -d /var/spool/pkg/p533176.714.image 6. References Specific references for this advisory: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2934 SCO security resources: http://www.sco.com/support/security/index.html SCO security advisories via email http://www.sco.com/support/forums/security.html This security fix closes SCO incidents fz533176. 7. Disclaimer SCO is not responsible for the misuse of any of the information we provide on this website and/or through our security advisories. Our advisories are a service to our customers intended to promote secure installation and use of SCO products. 8. Acknowledgments SCO would like to thank iDEFENSE for reporting this vulnerability. ______________________________________________________________________________ ====================================================================== ========================================================= Les serveurs de référence du CERT-Renater http://www.urec.fr/securite http://www.cru.fr/securite http://www.renater.fr ========================================================= + CERT-RENATER | tel : 01-53-94-20-44 + + 151 bd de l'Hopital | fax : 01-53-94-20-41 + + 75013 Paris | email: certsvp@renater.fr + =========================================================