Linux Today: Linux News On Internet Time.
Search Linux Today
Linux News Sections:  Developer -  High Performance -  Infrastructure -  IT Management -  Security -  Storage -
Linux Today Navigation
LT Home
Contribute
Contribute
Link to Us
Linux Jobs


More on LinuxToday


SCO OpenLinux Advisories: vim, util-linux

Apr 01, 2004, 21:53 (6 Talkback[s])

SCO Security Advisory

Subject: OpenLinux: vim arbitrary commands execution through modelines
Advisory number: CSSA-2004-015.0
Issue date: 2004 March 30
Cross reference: sr889557 fz528946 erg712560 CAN-2002-1377


1. Problem Description

vim 6.0 and 6.1, and possibly other versions, allows attackers to execute arbitrary commands using the libcall feature in modelines, which are not sandboxed but may be executed when vim is used as an editor for other products such as mutt.

The Common Vulnerabilities and Exposures project (cve.mitre.org/) has assigned the name CAN-2002-1377 to this issue.

2. Vulnerable Supported Versions

System Package
OpenLinux 3.1.1 Server prior to vim-6.2-1.i386.rpm
prior to vim-X11-6.2-1.i386.rpm
prior to vim-help-6.2-1.i386.rpm
prior to vim-i18n-6.2-1.i386.rpm
OpenLinux 3.1.1 Workstation prior to vim-6.2-1.i386.rpm
prior to vim-X11-6.2-1.i386.rpm
prior to vim-help-6.2-1.i386.rpm
prior to vim-i18n-6.2-1.i386.rpm

3. Solution

The proper solution is to install the latest packages. Unix users with Linux Kernel Personality can use the Caldera System Updater, called cupdate (or kcupdate under the KDE environment), to update these packages rather than downloading and installing them by hand.

4. OpenLinux 3.1.1 Server

4.1 Package Location

ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2004-015.0/RPMS

4.2 Packages

2eaf8ff7d07ae09123dff2c16e68df5f vim-6.2-1.i386.rpm
b9872220a38cad8103089dfe600a188d vim-X11-6.2-1.i386.rpm
ec819c86427a02d6c8971ca6567efedd vim-help-6.2-1.i386.rpm
7ff1f641f70fc8fb216e2d683b814400 vim-i18n-6.2-1.i386.rpm

4.3 Installation

rpm -Fvh vim-6.2-1.i386.rpm
rpm -Fvh vim-X11-6.2-1.i386.rpm
rpm -Fvh vim-help-6.2-1.i386.rpm
rpm -Fvh vim-i18n-6.2-1.i386.rpm

4.4 Source Package Location

ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2004-015.0/SRPMS

4.5 Source Packages

236756ca0c61400c475c8d84622ade61 vim-6.2-1.src.rpm

5. OpenLinux 3.1.1 Workstation

5.1 Package Location

ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2004-015.0/RPMS

5.2 Packages

2ebcc5f8e7b0d893b058fc241c7844b5 vim-6.2-1.i386.rpm
a75f8d7349cfa8e1cb6ba23a0267a7e1 vim-X11-6.2-1.i386.rpm
f618eaf8d81f2a8ac85ad9c517c28ae5 vim-help-6.2-1.i386.rpm
cc12e062b2f69bbf2a6c861e0da0749b vim-i18n-6.2-1.i386.rpm

5.3 Installation

rpm -Fvh vim-6.2-1.i386.rpm
rpm -Fvh vim-X11-6.2-1.i386.rpm
rpm -Fvh vim-help-6.2-1.i386.rpm
rpm -Fvh vim-i18n-6.2-1.i386.rpm

5.4 Source Package Location

ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2004-015.0/SRPMS

5.5 Source Packages

85709bfff745aeda4f4aa090cee834e7 vim-6.2-1.src.rpm

6. References

Specific references for this advisory:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1377
http://lists.netsys.com/pipermail/full-disclosure/2002-December/003330.html
http://www.guninski.com/vim1.html

SCO security resources:
http://www.sco.com/support/security/index.html

This security fix closes SCO incidents sr889557 fz528946 erg712560.

7. Disclaimer

SCO is not responsible for the misuse of any of the information we provide on this website and/or through our security advisories. Our advisories are a service to our customers intended to promote secure installation and use of SCO products.

8. Acknowledgements

SCO would like to thank Georgi Guninski



SCO Security Advisory

Subject: OpenLinux: util-linux could leak sensitive data
Advisory number: CSSA-2004-016.0
Issue date: 2004 March 30
Cross reference: sr889555 fz528943 erg712558 CAN-2004-0080

1. Problem Description

The login program in util-linux 2.11 and earlier uses a pointer after it has been freed and reallocated, which could cause login to leak sensitive data.

The Common Vulnerabilities and Exposures project (cve.mitre.org/) has assigned the name CAN-2004-0080 to this issue.

2. Vulnerable Supported Versions

System Package
OpenLinux 3.1.1 Server prior to util-linux-2.12-1.i386.rpm
OpenLinux 3.1.1 Workstation prior to util-linux-2.12-1.i386.rpm

3. Solution

The proper solution is to install the latest packages. Unix users with Linux Kernel Personality can use the Caldera System Updater, called cupdate (or kcupdate under the KDE environment), to update these packages rather than downloading and installing them by hand.

4. OpenLinux 3.1.1 Server

4.1 Package Location

ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2004-016.0/RPMS

4.2 Packages

43420f997baa5875bba02bc8df410f88 util-linux-2.12-1.i386.rpm

4.3 Installation

rpm -Fvh util-linux-2.12-1.i386.rpm

4.4 Source Package Location

ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2004-016.0/SRPMS

4.5 Source Packages

7a014652e2029b4dda3209b62e1ba375 util-linux-2.12-1.src.rpm

5. OpenLinux 3.1.1 Workstation

5.1 Package Location

ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2004-016.0/RPMS

5.2 Packages

cff227fcbc2d7e121e2134927b86a125 util-linux-2.12-1.i386.rpm

5.3 Installation

rpm -Fvh util-linux-2.12-1.i386.rpm

5.4 Source Package Location

ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2004-016.0/SRPMS

5.5 Source Packages

24c22395492db21fbd62d4c0419ec524 util-linux-2.12-1.src.rpm

6. References

Specific references for this advisory:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0080

SCO security resources:
http://www.sco.com/support/security/index.html

This security fix closes SCO incidents sr889555 fz528943 erg712558.

7. Disclaimer

SCO is not responsible for the misuse of any of the information we provide on this website and/or through our security advisories. Our advisories are a service to our customers intended to promote secure installation and use of SCO products.

8. Acknowledgements

SCO would like to thank Red Hat