Search:

February 2006

SCO Security Advisory: SCOSA-2006.9 - UnixWare 7.1.3 UnixWare 7.1.4 : Setuid ptrace Local Privilege Escalation Vulnerability

ID: 00154
Ref: 152/2006
Date: 22 February 2006:12:12:36
Version: 1

Title: SCO Security Advisory: SCOSA-2006.9 - UnixWare 7.1.3 UnixWare 7.1.4 : Setuid ptrace Local Privilege Escalation Vulnerability
Abstract: A local user can exploit the ptrace() system call to gain root privileges. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-2934 to this issue.
Vendors affected: SCO
Operating systems affected: SCO
Applications affected: SCO

Title
=====

SCO Security Advisory: SCOSA-2006.9 - UnixWare 7.1.3 UnixWare 7.1.4 : Setuid ptrace
Local Privilege Escalation Vulnerability

Detail
======

A local user can exploit the ptrace() system call to gain root privileges.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned
the name CVE-2005-2934 to this issue.

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

______________________________________________________________________________

SCO Security Advisory

Subject: UnixWare 7.1.3 UnixWare 7.1.4 : Setuid ptrace Local Privilege Escalation Vulnerability
Advisory number: SCOSA-2006.9
Issue date: 2006 February 21
Cross reference: fz533176
CVE-2005-2934
______________________________________________________________________________

1. Problem Description

A local user can exploit the ptrace() system call to gain
root privileges.

The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CVE-2005-2934 to
this issue.

2. Vulnerable Supported Versions

System Binaries
----------------------------------------------------------------------
UnixWare 7.1.3 /etc/conf/pack.d/sum/Driver_atup.o /etc/conf/pack.d/sum/Driver_mp.o
UnixWare 7.1.4 /etc/conf/pack.d/sum/Driver_atup.o /etc/conf/pack.d/sum/Driver_mp.o

3. Solution

The proper solution is to install the latest packages.

4. UnixWare 7.1.3

4.1 Location of Fixed Binaries

ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.9

4.2 Verification

a31512eee4940c6ba048a1b1878ac4fc p533176.713.image

md5 is available for download from
ftp://ftp.sco.com/pub/security/tools

4.3 Installing Fixed Binaries

Upgrade the affected binaries with the following sequence:

Download p533176.713.image to the /var/spool/pkg directory

# pkgadd -d /var/spool/pkg/p533176.713.image

5. UnixWare 7.1.4

5.1 Location of Fixed Binaries

ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.9

5.2 Verification

1b8fa986357036a8be043b642cc47e56 p533176.714.image

md5 is available for download from
ftp://ftp.sco.com/pub/security/tools

5.3 Installing Fixed Binaries

Upgrade the affected binaries with the following sequence:

Download p533176.714.image to the /var/spool/pkg directory

# pkgadd -d /var/spool/pkg/p533176.714.image

6. References

Specific references for this advisory:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2934

SCO security resources:
http://www.sco.com/support/security/index.html

SCO security advisories via email
http://www.sco.com/support/forums/security.html

This security fix closes SCO incidents fz533176.

7. Disclaimer

SCO is not responsible for the misuse of any of the information
we provide on this website and/or through our security
advisories. Our advisories are a service to our customers intended
to promote secure installation and use of SCO products.

8. Acknowledgments

SCO would like to thank iDEFENSE for reporting this vulnerability.

______________________________________________________________________________
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (UnixWare)

iD8DBQFD+8opaqoBO7ipriERAjDDAJsGF+jQxvdXGodCYyOizM4zWX6kBwCdFlWc
+wSF78NCwxKxa9xx7cU3KMg=
=YZgG
- -----END PGP SIGNATURE-----