Skip Navigation

  • Home
  • Contact us
  • FAQ
  • Glossary
  • Public key
  • Sitemap
  • Cymraeg
  • What's new
CPNI - Centre for the Protection of National Infastructure

Advanced search

  • About CPNI
  • The threats
  • Security planning
  • Methods of attack
  • Protecting your assets
  • Products and services
    • CSIRTUK advisories
      • Advisories archive
    • General protective security publications
    • InfoSec briefings
    • InfoSec technical notes
    • InfoSec vulnerability disclosures
    • Good practice guidelines
    • Viewpoints
    • Information exchanges
    • Risk Management Delivery Group
  • Research
Home > Products and services > CSIRTUK advisories > Advisories archive > December 2005 > SCO Security Advisory: SCOSA-2005.62 - OpenServer 5.0.6 OpenServer 5.0.7 OpenServer 6.0.0 : Xloadimage NIFF Image Title Handling Buffer Overflow Vulnerability

December 2005

SCO Security Advisory: SCOSA-2005.62 - OpenServer 5.0.6 OpenServer 5.0.7 OpenServer 6.0.0 : Xloadimage NIFF Image Title Handling Buffer Overflow Vulnerability

ID: 01128
Ref: 1060/2005
Date: 21 December 2005:13:37:57
Version: 1
Title: SCO Security Advisory: SCOSA-2005.62 - OpenServer 5.0.6 OpenServer 5.0.7 OpenServer 6.0.0 : Xloadimage NIFF Image Title Handling Buffer Overflow Vulnerability
Abstract: A buffer overflow in xloadimage, might allow user-complicit attackers to execute arbitrary code via a long title name in a NIFF file, which triggers the overflow during (1) zoom, (2) reduce, or (3) rotate operations.
Vendors affected: SCO
Operating systems affected: SCO
Applications affected: SCO
Title
=====

SCO Security Advisory: SCOSA-2005.62 - OpenServer 5.0.6 OpenServer 5.0.7 OpenServer 6.0.0 :
Xloadimage NIFF Image Title Handling Buffer Overflow Vulnerability


Detail
======

A buffer overflow in xloadimage, might allow user-complicit
attackers to execute arbitrary code via a long title name in a
NIFF file, which triggers the overflow during (1) zoom, (2)
reduce, or (3) rotate operations.


- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

______________________________________________________________________________

SCO Security Advisory

Subject: OpenServer 5.0.6 OpenServer 5.0.7 OpenServer 6.0.0 : Xloadimage NIFF
Image Title Handling Buffer Overflow Vulnerability
Advisory number: SCOSA-2005.62
Issue date: 2005 December 20
Cross reference: fz533253
CVE-2005-3178
______________________________________________________________________________


1. Problem Description

A buffer overflow in xloadimage, might allow user-complicit
attackers to execute arbitrary code via a long title name in a
NIFF file, which triggers the overflow during (1) zoom, (2)
reduce, or (3) rotate operations.

The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2005-3178 to this issue.


2. Vulnerable Supported Versions

System Binaries
----------------------------------------------------------------------
OpenServer 5.0.6 xloadimage
OpenServer 5.0.7 xloadimage
OpenServer 6.0.0 xloadimage


3. Solution

The proper solution is to install the latest packages.


4. OpenServer 5.0.6

4.1 Location of Fixed Binaries

ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.62


4.2 Verification

MD5 (p533253.507_vol.tar) = 78221b0f25a95be496f47d15f3b869bb

md5 is available for download from
ftp://ftp.sco.com/pub/security/tools


4.3 Installing Fixed Binaries

The following package should be installed on your
system before you install this fix:

OSS646C

Upgrade the affected binaries with the following sequence:

1) Download p533253.507_vol.tar to a directory.

2) Extract VOL* files.

# tar xvf p533253.507_vol.tar

3) Run the custom command, specify an install
from media images, and specify the directory as
the location of the images.


5. OpenServer 5.0.7

5.1 Location of Fixed Binaries

ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.62


5.2 Verification

MD5 (p533253.507_vol.tar) = 78221b0f25a95be496f47d15f3b869bb

md5 is available for download from
ftp://ftp.sco.com/pub/security/tools


5.3 Installing Fixed Binaries

Upgrade the affected binaries with the following sequence:

1) Download p533253.507_vol.tar to a directory.

2) Extract VOL* files.

# tar xvf p533253.507_vol.tar

3) Run the custom command, specify an install
from media images, and specify the directory as
the location of the images.


6. OpenServer 6.0.0

6.1 Location of Fixed Binaries

ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.62


6.2 Verification

MD5 (p533253.600_vol.tar) = 1ced968e3d32ff0bd07013a4fd39b503

md5 is available for download from
ftp://ftp.sco.com/pub/security/tools


6.3 Installing Fixed Binaries

Upgrade the affected binaries with the following sequence:

1) Download p533253.600_vol.tar to a directory.

2) Extract VOL* files.

# tar xvf p533253.600_vol.tar

3) Run the custom command, specify an install
from media images, and specify the directory as
the location of the images.


7. References

Specific references for this advisory:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3178
http://secunia.com/advisories/17087
http://securitytracker.com/id?1015072
http://www.securityfocus.com/bid/15051

SCO security resources:
http://www.sco.com/support/security/index.html

SCO security advisories via email
http://www.sco.com/support/forums/security.html

This security fix closes SCO incidents fz533253.


8. Disclaimer

SCO is not responsible for the misuse of any of the information
we provide on this website and/or through our security
advisories. Our advisories are a service to our customers
intended to promote secure installation and use of SCO
products.


9. Acknowledgments

SCO would like to thank Ariel Berkman for reporting this
vulnerability.

______________________________________________________________________________
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (UnixWare)

iD8DBQFDqIocaqoBO7ipriERAnc5AJ9ppjJkLG+UCUu6NpaPdeOPjqwb7QCfSUCD
13f5ej1t4OMfrLeEAu2b1NQ=
=g0gM
- -----END PGP SIGNATURE-----

  • Accessibility |
  • Terms and conditions |
  • Privacy statement |
  • Data protection act |
  • Freedom of information |