March 2006

ID: 00234
Ref: 223
Date: 24 March 2006:15:39:58
Version: 1

---

Title: Security Advisory:SCO SCOSA-2006.15 - OpenServer 5.0.7 OpenServer 6.0.0 : Xpdf
Abstract: Multiple buffer overflow vulnerabilities in xpdf.
Vendors affected: SCO
Operating systems affected: SCO
Applications affected: SCO

---

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

______________________________________________________________________________

SCO Security Advisory

Subject: OpenServer 5.0.7 OpenServer 6.0.0 : Xpdf Multiple Buffer Overflow Vulnerabilities
Advisory number: SCOSA-2006.15
Issue date: 2006 March 22
Cross reference: fz533384 CVE-2005-3624 CVE-2005-3625
CVE-2005-3626 CVE-2005-3627 CVE-2006-0301

______________________________________________________________________________


1. Problem Description

Multiple buffer overflow vulnerabilities in xpdf.

The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the names CVE-2005-3624,
CVE-2005-3625, CVE-2005-3626, CVE-2005-3627, and CVE-2006-0301
to these issues.


2. Vulnerable Supported Versions

System Binaries
----------------------------------------------------------------------
OpenServer 5.0.7 xpdf package
OpenServer 6.0.0 xpdf package


3. Solution

The proper solution is to install the latest packages.


4. OpenServer 5.0.7

4.1 Location of Fixed Binaries

ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15


4.2 Verification

MD5 (xpdf-3.0.1Ta-5.0.7-VOLS.tar) = f5daeea33bf8930b98b535945dfa58cf

md5 is available for download from
ftp://ftp.sco.com/pub/security/tools


4.3 Installing Fixed Binaries

Upgrade the affected binaries with the following sequence:

1) Download xpdf-3.0.1Ta-5.0.7-VOLS.tar to a directory.

2) Extract VOL* files.

# tar xvf xpdf-3.0.1Ta-5.0.7-VOLS.tar

3) Run the custom command, specify an install
from media images, and specify the directory as
the location of the images.


5. OpenServer 6.0.0

5.1 Location of Fixed Binaries

ftp://ftp.sco.com/pub/openserver6/600/mp/osr600mp2/osr600mp2.iso


5.2 Verification

MD5 (osr600mp2.iso) = 7e560dcde374eb60df2b4a599ac20d8a

md5 is available for download from
ftp://ftp.sco.com/pub/security/tools


5.3 Installing Fixed Binaries

See the SCO OpenServer Release 6.0.0 Maintenance Pack 2 Release
and Installation Notes:

ftp://ftp.sco.com/pub/openserver6/600/mp/osr600mp2/osr600mp2.html


6. References

Specific references for this advisory:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3191
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3192
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3193
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3624
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3625
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3626
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3627
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0301
http://secunia.com/advisories/17897/
http://secunia.com/advisories/18303/
http://secunia.com/advisories/18677/

SCO security resources:
http://www.sco.com/support/security/index.html

SCO security advisories via email
http://www.sco.com/support/forums/security.html

This security fix closes SCO incidents fz533384.


7. Disclaimer

SCO is not responsible for the misuse of any of the information
we provide on this website and/or through our security
advisories. Our advisories are a service to our customers intended
to promote secure installation and use of SCO products.


8. Acknowledgments

Thanks to Chris Evans and others for reporting these
vulnerabilities.

______________________________________________________________________________
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (SCO_SV)

iD8DBQFEIu1uaqoBO7ipriERAj9sAJ9o28lTkefP/WwA+7+NdSyUhXZX/ACeJtlJ
aHzHUpCB/RdsbcKbF77nxL0=
=wcsd
-----END PGP SIGNATURE-----