[Full-disclosure] UnixWare 7.1.4 : Updated mozilla fixes many security issues

please_reply_to_security_at_sco.com
Date: 05/18/05

  • Next message: list_at_rem0te.com: "[Full-disclosure] NOVELL ZENWORKS MULTIPLE REMØTE STACK & HEAP OVERFLOWS"
    To: security-announce@list.sco.com, bugtraq@securityfocus.com, full-disclosure@lists.grok.org.uk
    Date: Wed, 18 May 2005 13:16:47 -0700
    
    

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    ______________________________________________________________________________

                            SCO Security Advisory

    Subject: UnixWare 7.1.4 : Updated mozilla fixes many security issues
    Advisory number: SCOSA-2005.25
    Issue date: 2005 May 18
    Cross reference: sr891008 fz529877 erg712655 sr891398 fz530151 erg712686 sr892164 fz530485 erg712734 sr892473 fz530642 erg712748 sr893376 fz531626 erg712820 CAN-2005-0399 CAN-2004-0597 CAN-2004-0599 CAN-2004-0718 CAN-2004-0722 CAN-2004-0757 CAN-2004-0758 CAN-2004-0759 CAN-2004-0760 CAN-2004-0761 CAN-2004-0762 CAN-2004-0763 CAN-2004-0764 CAN-2004-0765
    ______________________________________________________________________________

    1. Problem Description

            The Mozilla 1.7.6 browser in this update represents a
            significant advancement in features and fixes over the
            Mozilla 1.2.1 released with UnixWare 7.1.4.

            This update addresses the following security issues:

            Technical Cyber Security Alert TA04-261A Multiple vulnerabilities in
            Mozilla products

            VU#414240 - Mozilla Mail vulnerable to buffer overflow via writeGroup()
                        function in nsVCardObj.cpp
            VU#847200 - Mozilla contains integer overflows in bitmap image decoder
            VU#808216 - Mozilla contains heap overflow in UTF8 conversion of
                        hostname portion of URLs
            VU#125776 - Multiple buffer overflows in Mozilla POP3 protocol handler
            VU#327560 - Mozilla "send page" feature contains a buffer overflow
            VU#651928 - Mozilla allows arbitrary code execution via link dragging

            These vulnerabilities could allow a remote attacker to execute arbitrary
            code with the privileges of the user running the affected application.

            This fix also addresses several other security issues, and their
            CAN numbers are listed below.

            The Common Vulnerabilities and Exposures project (cve.mitre.org)
            has assigned the following names:CAN-2005-0399 CAN-2004-0597
            CAN-2004-0599 CAN-2004-0718 CAN-2004-0722 CAN-2004-0757
            CAN-2004-0758 CAN-2004-0759 CAN-2004-0760 CAN-2004-0761
            CAN-2004-0762 CAN-2004-0763 CAN-2004-0764 CAN-2004-0765

    2. Vulnerable Supported Versions

            System Binaries
            ----------------------------------------------------------------------
            UnixWare 7.1.4 Mozilla distribution

    3. Solution

            The proper solution is to install the latest packages.

    4. UnixWare 7.1.4

            4.1 Location of Fixed Binaries

            ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.25

            4.2 Verification

            (mozilla-1.7.6.pkg) = c4f4ee1a73c3d6d10d3064c7e68f6299

            md5 is available for download from
                    ftp://ftp.sco.com/pub/security/tools

            4.3 Installing Fixed Binaries

            Upgrade the affected binaries with the following sequence:

            Download mozilla.image.pkg to the /var/spool/pkg directory

            # pkgadd -d /var/spool/pkg/mozilla.image.pkg

    5. References

            Specific references for this advisory:
                    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0399
                    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0597
                    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0599
                    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0718
                    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0722
                    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0757
                    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0758
                    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0759
                    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0760
                    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0761
                    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0762
                    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0763
                    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0764
                    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0765
                    http://www.us-cert.gov/cas/techalerts/TA04-261A.html
                    http://www.kb.cert.org/vuls/id/414240
                    http://www.kb.cert.org/vuls/id/847200
                    http://www.kb.cert.org/vuls/id/808216
                    http://www.kb.cert.org/vuls/id/125776
                    http://www.kb.cert.org/vuls/id/327560
                    http://www.kb.cert.org/vuls/id/651928

            SCO security resources:
                    http://www.sco.com/support/security/index.html

            SCO security advisories via email
                    http://www.sco.com/support/forums/security.html

            This security fix closes SCO incidents sr891008 fz529877
            erg712655 sr891398 fz530151 erg712686 sr892164 fz530485
            erg712734 sr892473 fz530642 erg712748 sr893376 fz531626
            erg712820.

    6. Disclaimer

            SCO is not responsible for the misuse of any of the information
            we provide on this website and/or through our security
            advisories. Our advisories are a service to our customers
            intended to promote secure installation and use of SCO
            products.

    7. Acknowledgments

            SCO would like to thank Georgi Guninski, Gael Delalleau,
            Mats Palmgren, and Jesse Ruderman

    ______________________________________________________________________________

    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.4.1 (SCO/SYSV)

    iD8DBQFCi1rVaqoBO7ipriERAiHrAJ4trp0n1Tse98oWr7VU0jGFlhes+gCfVZph
    9SDDehPywPTZzQdU4V9xrEs=
    =udtT
    -----END PGP SIGNATURE-----
    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.grok.org.uk/full-disclosure-charter.html
    Hosted and sponsored by Secunia - http://secunia.com/


  • Next message: list_at_rem0te.com: "[Full-disclosure] NOVELL ZENWORKS MULTIPLE REMØTE STACK & HEAP OVERFLOWS"

    Relevant Pages