===========================================================================
SCO Security Bulletin 98.07
October 13, 1998
Security Vulnerability in Old Versions of rdist
---------------------------------------------------------------------------

I.   Description

Security vulnerabilities which were previously corrected in the
OpenServer 5 rdist binary have been discovered to still be present in
the OpenServer 5 ordist binary, and in the versions of rdist on SCO Unix
3.2v4/Open Desktop 3 and SCO CMW+.  These vulnerabilities include those
described in CERT advisories CA-97.23 and CA-96.14 .

II.  Impact
        
These vulnerabilities could allow local users to gain root access.

Exploit details for some of the vulnerability have been published, so we
recommend that the patch decribed below is installed on all multi-user
systems as soon as possible.

III. Releases

This problem exists on the following releases of SCO operating systems:

     - SCO OpenServer 5 (also Internet FastStart)
     - SCO Open Desktop/Open Server 3 (also TCP/IP 1.2.1)
     - SCO CMW+ 3
	
SCO UnixWare is not affected.

IV.  Solution

SCO is providing an interim patch to address this issue in the form of a
System Security Enhancement (SSE) package.

SSE017 contains replacement binaries for each system type, and is
available for Internet download via anonymous ftp, and from the SCOFORUM
on Compuserve.

You can download the SSE package as follows:

Anonymous ftp (World Wide Web URL):

    ftp://ftp.sco.COM/SSE/sse017.ltr    (cover letter, ASCII text)
    ftp://ftp.sco.COM/SSE/sse017.tar.Z  (new binaries, compressed tar file)

Compuserve:

    GO SCOFORUM, and search Library 11 (SLS/SSE Files) for these filenames:

	SSE017.LTR	(cover letter, ASCII text)
	SSE017.TAZ	(new binaries, compressed tar file)

Checksums (sum -r):

    35378     6 sse017.ltr
    52472   324 sse017.tar.Z

V.   Updates

This bulletin is available for anonymous ftp download from 
ftp://ftp.sco.COM/SSE/security_bulletins/SB-98.07a, and will be
updated as new information becomes available.

The latest information on security vulnerabilities and fixes from
SCO is available on the world-wide web at http://www.sco.com/security/

VI.  Further Information:

If you have further questions, contact your support provider.  If you
need to contact SCO, please send electronic mail to support@sco.COM, or
contact SCO as follows. 

    USA/Canada: 6am-5pm Pacific Time (PST/PDT)
    -----------
    1-800-347-4381  (voice)
    1-408-427-5443  (fax)

    Pacific Rim, Asia, and Latin American customers: 6am-5pm Pacific
    ------------------------------------------------ Time (PST/PDT)
    1-408-425-4726  (voice)
    1-408-427-5443  (fax)

    Europe, Middle East, Africa: 9am-5:30pm UK Time (GMT/BST)
    ----------------------------
    +44 (0)1923 816344 (voice)
    +44 (0)1923 817781 (fax)