Security Update: [CSSA-2002-SCO.21] OpenServer 5.0.5 OpenServer 5.0.6 : sort command creates temporary files insecurely

From: security@caldera.com
Date: 05/29/02 

To: bugtraq@securityfocus.com, announce@lists.caldera.com, scoannmod@xenitec.on.ca
From: security@caldera.com
Date: Tue, 28 May 2002 16:05:40 -0700

To: bugtraq@securityfocus.com announce@lists.caldera.com scoannmod@xenitec.on.ca

______________________________________________________________________________

                Caldera International, Inc. Security Advisory

Subject: OpenServer 5.0.5 OpenServer 5.0.6 : sort command creates temporary files insecurely
Advisory number: CSSA-2002-SCO.21
Issue date: 2002 May 28
Cross reference:
______________________________________________________________________________

1. Problem Description

        The sort command creates and uses temporary files insecurely.
        Names can be predicted, and spoofed with symbolic links.

2. Vulnerable Supported Versions

        System Binaries
        ----------------------------------------------------------------------
        OpenServer 5.0.5 /bin/sort
        OpenServer 5.0.6 /bin/sort

3. Solution

        The proper solution is to install the latest packages.

4. OpenServer 5.0.5

        4.1 Location of Fixed Binaries

        ftp://stage.caldera.com/pub/security/openserver/CSSA-2002-SCO.21

        4.2 Verification

        MD5 (VOL.000.000) = ebaac320d491aae20385b0c54af794fb

        md5 is available for download from
                ftp://stage.caldera.com/pub/security/tools/

        4.3 Installing Fixed Binaries

        Upgrade the affected binaries with the following commands:

        1) Download the VOL* files to the /tmp directory

        Run the custom command, specify an install from media images,
        and specify the /tmp directory as the location of the images.

5. OpenServer 5.0.6

        5.1 Location of Fixed Binaries

        ftp://stage.caldera.com/pub/security/openserver/CSSA-2002-SCO.21

        5.2 Verification

        MD5 (VOL.000.000) = ebaac320d491aae20385b0c54af794fb

        md5 is available for download from
                ftp://stage.caldera.com/pub/security/tools/

        5.3 Installing Fixed Binaries

        Upgrade the affected binaries with the following commands:

        1) Download the VOL* files to the /tmp directory

        Run the custom command, specify an install from media images,
        and specify the /tmp directory as the location of the images.

6. References

        Specific references for this advisory:
                none

        Caldera UNIX security resources:
                http://stage.caldera.com/support/security/

        Caldera OpenLinux security resources:
                http://www.caldera.com/support/security/index.html

        This security fix closes Caldera incidents sr848813,
        SCO-1-238, erg711767 .

7. Disclaimer

        Caldera International, Inc. is not responsible for the
        misuse of any of the information we provide on this website
        and/or through our security advisories. Our advisories are
        a service to our customers intended to promote secure
        installation and use of Caldera products.

______________________________________________________________________________