From security@sco.com Tue Jan 3 12:09:58 2006 From: security@sco.com To: security-announce@list.sco.com Date: Tue, 3 Jan 2006 12:08:04 -0500 (EST) Subject: [Full-disclosure] SCOSA-2006.1 OpenServer 5.0.6 OpenServer 5.0.7 OpenServer 6.0.0 : BIND Denial of Service Vulnerability -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ____________________________________________________________________________ __ SCO Security Advisory Subject: OpenServer 5.0.6 OpenServer 5.0.7 OpenServer 6.0.0 : BIND Denial of Service Vulnerability Advisory number: SCOSA-2006.1 Issue date: 2006 January 03 Cross reference: sr892955 fz531004 erg712788 CVE-2005-0033 VU#327633 ____________________________________________________________________________ __ 1. Problem Description BIND (the Berkeley Internet Name Daemon) is the Domain Name Service for Unix systems. BIND version 8.4.4 is vulnerable to a remote denial of service attack, caused by a buffer overflow in the in q_usedns array. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-0033 to this issue. 2. Vulnerable Supported Versions System Binaries -------------------------------------------------------------------- -- OpenServer 5.0.6 bind distribution OpenServer 5.0.7 bind distribution OpenServer 6.0.0 bind distribution 3. Solution The proper solution is to install the latest packages. 4. OpenServer 5.0.6 4.1 Location of Fixed Binaries ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.1 4.2 Verification MD5 (p531004.507_vol.tar) = 708a75f3307ffbeaf9b8d9aba3cef7df md5 is available for download from ftp://ftp.sco.com/pub/security/tools 4.3 Installing Fixed Binaries The following package should be installed on your system before you install this fix: OSS646C Upgrade the affected binaries with the following sequence: 1) Download p531004.507_vol.tar file to a directory. 2) Extract VOL* files. # tar xvf p531004.507_vol.tar 3) Run the custom command, specify an install from media images, and specify the directory as the location of the images. 5. OpenServer 5.0.7 5.1 Location of Fixed Binaries ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.1 5.2 Verification MD5 (p531004.507_vol.tar) = 708a75f3307ffbeaf9b8d9aba3cef7df md5 is available for download from ftp://ftp.sco.com/pub/security/tools 5.3 Installing Fixed Binaries Upgrade the affected binaries with the following sequence: 1) Download p531004.507_vol.tar file to a directory. 2) Extract VOL* files. # tar xvf p531004.507_vol.tar 3) Run the custom command, specify an install from media images, and specify the directory as the location of the images. 6. OpenServer 6.0.0 6.1 Location of Fixed Binaries ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.1 6.2 Verification MD5 (p531004.600_vol.tar) = d15f8ccbceb67cce746c4a67189145d9 md5 is available for download from ftp://ftp.sco.com/pub/security/tools 6.3 Installing Fixed Binaries Upgrade the affected binaries with the following sequence: 1) Download p531004.600_vol.tar file to a directory. 2) Extract VOL* files. # tar xvf p531004.600_vol.tar 3) Run the custom command, specify an install from media images, and specify the directory as the location of the images. 7. References Specific references for this advisory: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0033 http://www.kb.cert.org/vuls/id/VU#327633 http://www.uniras.gov.uk/niscc/docs/al-20050125-00059.html?l ang=en http://xforce.iss.net/xforce/xfdb/19063 SCO security resources: http://www.sco.com/support/security/index.html SCO security advisories via email http://www.sco.com/support/forums/security.html This security fix closes SCO incidents sr892955 fz531004 erg712788. 8. Disclaimer SCO is not responsible for the misuse of any of the information we provide on this website and/or through our security advisories. Our advisories are a service to our customers intended to promote secure installation and use of SCO products. ____________________________________________________________________________ __ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (UnixWare) iD8DBQFDuqIBaqoBO7ipriERAhwPAKCYDecYldK3rNJKh4nL8KDGZk5tqwCghVMD w2RMr1fTzJJdPFd+X8w6D1k= =ldc+ -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/