December 2005
Two SCO Security Advisories: 1. SCOSA-2005.64 - UnixWare 7.1.3 UnixWare 7.1.4 : TCP Denial of Service Vulnerability 2. SCOSA-2005.65 - OpenServer 6.0.0 : TCP Denial of Service Vulnerability
ID: 01137
Ref: 1069/2005
Date: 23 December 2005:10:07:44
Version: 1
Title: Two SCO Security Advisories: 1. SCOSA-2005.64 - UnixWare 7.1.3 UnixWare 7.1.4 : TCP Denial of Service Vulnerability 2. SCOSA-2005.65 - OpenServer 6.0.0 : TCP Denial of Service Vulnerability
Abstract:
Vendors affected: SCO
Operating systems affected: SCO
Applications affected: SCO
Title
=====
Two SCO Security Advisories:
1. SCOSA-2005.64 - UnixWare 7.1.3 UnixWare 7.1.4 : TCP Denial of Service Vulnerability
2. SCOSA-2005.65 - OpenServer 6.0.0 : TCP Denial of Service Vulnerability
Detail
======
1. TCP does not adequately validate segments before updating
timestamp value allowing a remote attacker to arbitrarily modify
host timestamp values that will in turn cause TCP connections to
abort/drop segments, leading to a denial-of-service condition.
2. TCP does not adequately validate segments before updating
timestamp value allowing a remote attacker to arbitrarily modify
host timestamp values that will in turn cause TCP connections to
abort/drop segments, leading to a denial-of-service condition.
1.
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
______________________________________________________________________________
SCO Security Advisory
Subject: UnixWare 7.1.3 UnixWare 7.1.4 : TCP Denial of Service Vulnerability
Advisory number: SCOSA-2005.64
Issue date: 2005 December 22
Cross reference: sr893333 fz531593 erg712814
CVE-2005-0356 VU#637934
______________________________________________________________________________
1. Problem Description
TCP does not adequately validate segments before updating
timestamp value allowing a remote attacker to arbitrarily modify
host timestamp values that will in turn cause TCP connections to
abort/drop segments, leading to a denial-of-service condition.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2005-0356 to this issue.
2. Vulnerable Supported Versions
System Binaries
----------------------------------------------------------------------
UnixWare 7.1.3 /etc/conf/pack.d/inet/Driver_atup.o
/etc/conf/pack.d/inet/Driver_mp.o
UnixWare 7.1.4 /etc/conf/pack.d/inet/Driver_atup.o
/etc/conf/pack.d/inet/Driver_mp.o
/etc/conf/pack.d/inet/space.c
3. Solution
The proper solution is to install the latest packages.
4. UnixWare 7.1.3
4.1 Location of Fixed Binaries
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.64
4.2 Verification
MD5 (p531593.713.image) = cd1cb0636dbbb4a26ce95c37f2cf78fb
md5 is available for download from
ftp://ftp.sco.com/pub/security/tools
4.3 Installing Fixed Binaries
The following package should be installed on your system before
you install this fix:
UnixWare 7.1.3 Maintenance Pack 5
Upgrade the affected binaries with the following sequence:
Download p531593.713.image to the /var/spool/pkg directory.
# pkgadd -d /var/spool/pkg/p531593.713.image
5. UnixWare 7.1.4
5.1 Location of Fixed Binaries
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.64
5.2 Verification
MD5 (p531593.714.image) = df2fbb69838cd7bdfa4f68135835612c
md5 is available for download from
ftp://ftp.sco.com/pub/security/tools
5.3 Installing Fixed Binaries
The following package should be installed on your system before
you install this fix:
UnixWare 7.1.4 Maintenance Pack 2
ptf9051
Upgrade the affected binaries with the following sequence:
Download p531593.714.image to the /var/spool/pkg directory.
# pkgadd -d /var/spool/pkg/p531593.714.image
6. References
Specific references for this advisory:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0356
http://www.kb.cert.org/vuls/id/VU#637934
http://www.securityfocus.com/bid/13676
SCO security resources:
http://www.sco.com/support/security/index.html
SCO security advisories via email
http://www.sco.com/support/forums/security.html
This security fix closes SCO incidents sr893333 fz531593
erg712814.
7. Disclaimer
SCO is not responsible for the misuse of any of the information
we provide on this website and/or through our security
advisories. Our advisories are a service to our customers
intended to promote secure installation and use of SCO
products.
8. Acknowledgments
SCO would like to thank Noritoshi Demizu for researching and
reporting this vulnerability.
______________________________________________________________________________
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (UnixWare)
iD8DBQFDqsO+aqoBO7ipriERAndNAJwKGS/jdCzclIa18d05DWPrcTocGwCghg+/
ZE9qL+A6cbTY2B4h7gapDrY=
=jJCv
- -----END PGP SIGNATURE-----
2.
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
______________________________________________________________________________
SCO Security Advisory
Subject: OpenServer 6.0.0 : TCP Denial of Service Vulnerability
Advisory number: SCOSA-2005.65
Issue date: 2005 December 22
Cross reference: sr895069 fz533038 erg712959
CVE-2005-0356 VU#637934
______________________________________________________________________________
1. Problem Description
TCP does not adequately validate segments before updating
timestamp value allowing a remote attacker to arbitrarily modify
host timestamp values that will in turn cause TCP connections to
abort/drop segments, leading to a denial-of-service condition.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2005-0356 to this issue.
2. Vulnerable Supported Versions
System Binaries
----------------------------------------------------------------------
OpenServer 6.0.0 /etc/conf/pack.d/inet/Driver.o
/etc/conf/pack.d/inet/space.c
3. Solution
The proper solution is to install the latest packages.
4. OpenServer 6.0.0
4.1 Location of Fixed Binaries
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.65
4.2 Verification
MD5 (VOL.000.000) = d03297c53c5eec5c7c83b0f0525a5b36
md5 is available for download from
ftp://ftp.sco.com/pub/security/tools
4.3 Installing Fixed Binaries
Upgrade the affected binaries with the following sequence:
1) Download the VOL* files to a directory.
2) Run the custom command, specify an install from media
images, and specify the directory as the location of the
images.
5. References
Specific references for this advisory:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0356
http://www.kb.cert.org/vuls/id/VU#637934
http://www.securityfocus.com/bid/13676
SCO security resources:
http://www.sco.com/support/security/index.html
SCO security advisories via email
http://www.sco.com/support/forums/security.html
This security fix closes SCO incidents sr895069 fz533038
erg712959.
6. Disclaimer
SCO is not responsible for the misuse of any of the information
we provide on this website and/or through our security
advisories. Our advisories are a service to our customers
intended to promote secure installation and use of SCO
products.
7. Acknowledgments
SCO would like to thank Noritoshi Demizu for researching and
reporting this vulnerability.
______________________________________________________________________________
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (UnixWare)
iD8DBQFDqsiPaqoBO7ipriERAoJPAJwNJ5cadRSy9ny4M3M+HLtCwsFuVwCgmxNb
GJ+pGBMLIBZi9ikCfDTfdRw=
=JJC9
- -----END PGP SIGNATURE-----