'SCO Security patches (for land, winnuke)'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       bugtraq
Subject:    SCO Security patches (for land, winnuke)
From:       Ernesto Baschny <ernst () PEM ! COM>
Date:       1998-02-27 15:50:22
[Download RAW message or body]

From ftp://ftp.sco.com/SSE/sse010.ltr:

-------------------------------------------------------------------------
 System Security Enhancement (SSE) 010 - 24th February 1998

Problem:

 Many denial of service attacks against Internet-connected sites
 have been reported recently - exploit programs are widely
 available.  SCO systems targeted by some of these attacks
 ("land" and "winnuke") may crash or hang.

 The enclosed patch should be applied as soon as possible.

Patch:

 A replacement TCP driver is supplied for each of the following
 SCO operating systems:

 - SCO Open Desktop/Open Server Release 3.0
 - SCO CMW+ 3.0
 - SCO OpenServer Release 5.0
 - SCO UnixWare 2.1

 Note that if SLS OSS468 (for OpenServer 5.0.0 and 5.0.2) or
 SLS OSS469 (for OpenServer 5.0.4) has been installed, this
 patch should NOT be installed - OSS468 and OSS469 include
 this fix, and installing this patch after OSS468 or OSS469
 will nullify other fixes contained in the SLS.

 At the time of writing, OSS468 and OSS469 are not yet
 available, so this patch should be installed in the meantime -
 OSS468 and OSS469 can still be safely installed after this
 patch.

Prerequisites:

 All updates listed in this section are available for
 download from the SCO ftp site: ftp.sco.com .

 On OpenServer 5.0.0, the following updates MUST be installed
 prior to this patch:

 - RS500D (Release Supplement)
 - NET100 (Networking Supplement)
 - OSS449F (Network Maintenance Supplement)

 On OpenServer 5.0.2, the following updates MUST be installed
 prior to this patch:

 - OSS449F (Network Maintenance Supplement)

 On OpenServer 5.0.4, the following updates MUST be installed
 prior to this patch:

 - RS504C (Release Supplement)

 On UnixWare 2.1.0, the following updates MUST be installed
 prior to this patch:

 - UPD211 (SCO UnixWare 2.1.1 Update)
 - PTF3280L (Network Maintenance Supplement)

 On UnixWare 2.1.1 and 2.1.2, the following updates MUST be
 installed prior to this patch:

 - PTF3280L (Network Maintenance Supplement)

Installation:

 Perform the following steps logged in as root:

 1. Create a temporary directory, and copy SSE010 into it:

  # mkdir /tmp/sse010
  # cp sse010.tar.Z /tmp/sse010

 2. uncompress the tar file:

  # cd /tmp/sse010
  # uncompress sse010.tar.Z

 3. extract the files from the tar file:

  # tar xvf sse010.tar

 4. Replace your existing TCP driver with the updated driver,
    and relink the kernel:

    - For SCO Open Desktop/Open Server 3.0:

  # cd /etc/conf/pack.d/tcp
  # mv Driver.o Driver.o.old    (saves existing driver)
  # mv /tmp/sse010/Driver.o.odt3 Driver.o
  # /etc/conf/cf.d/link_unix

      Reply 'y' to the prompts for the new kernel to boot
      by default, and to rebuild the kernel environment.

    - For SCO CMW+ 3.0:

  # cd /etc/conf/pack.d/tcp
  # mv Driver.o Driver.o.old    (saves existing driver)
  # mv /tmp/sse010/Driver.o.cmw3 Driver.o
  # /etc/conf/cf.d/link_unix

      Reply 'y' to the prompts for the new kernel to boot
      by default, and to rebuild the kernel environment.

    - For SCO OpenServer 5.0:

  # cd /usr/lib/tcprt/ID/tcp
  # mv Driver.o Driver.o.old    (saves existing driver)
  # mv /tmp/sse010/Driver.o.osr5 Driver.o
  # cp Driver.o /etc/conf/pack.d/tcp    (important!)
  # /etc/conf/cf.d/link_unix

      Reply 'y' to the prompts for the new kernel to boot
      by default, and to rebuild the kernel environment.

      (Note that for OpenServer 5.0, installation of the new
       driver will cause "custom" to display an error in future
       when the "Verify" command is chosen - be sure not to
       specify that this error be fixed, as it will cause the
       new driver to be overwritten by the old one.)

    - For SCO UnixWare 2.1:

  # cd /etc/conf/pack.d/tcp
  # mv Driver_atup.o Driver_atup.o.old
  # mv Driver_mp.o Driver_mp.o.old    (saves existing drivers)
  # mv /tmp/sse010/Driver_atup.o .
  # mv /tmp/sse010/Driver_mp.o .
  # /etc/conf/idbuild -B

 5. Shut down and reboot your system.  (On UnixWare 2.1, be sure
    to use the "shutdown" command, as it is this which installs
    the relinked kernel.)

Disclaimer:

SCO believes that this patch addresses the reported vulnerability.
However, in order that it be released as soon as possible, this patch has
not been fully tested or packaged to SCO's normal exacting standards.  For
that reason, this patch is not officially supported. Official supported
and packaged fixes for current SCO products will be available in due
course.
-------------------------------------------------------------------------

--
Ernesto Baschny                                   Stuttgart - Germany
 ernst@studbox.uni-stuttgart.de             Uni-Stuttgart, Informatik
 ernst@pem.com                         PEM GmbH - SCO Premier Partner

[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic