-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
SCO Security Advisory
Subject: UnixWare 7.1.3 UnixWare 7.1.4 : Setuid ptrace Local Privilege
Escalation Vulnerability
Advisory number: SCOSA-2006.9
Issue date: 2006 February 21
Cross reference: fz533176
CVE-2005-2934
Problem Description
A local user can exploit the ptrace() system call to gain
root privileges.
The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CVE-2005-2934 to
this issue.
Vulnerable Supported Versions
System Binaries
----------------------------------------------------------------------
UnixWare 7.1.3 /etc/conf/pack.d/sum/Driver_atup.o /etc/conf/pack.d/sum/Driver_mp.o
UnixWare 7.1.4 /etc/conf/pack.d/sum/Driver_atup.o /etc/conf/pack.d/sum/Driver_mp.o
Solution
The proper solution is to install the latest packages.
UnixWare 7.1.3
4.1 Location of Fixed Binaries
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.9
4.2 Verification
a31512eee4940c6ba048a1b1878ac4fc p533176.713.image
md5 is available for download from
ftp://ftp.sco.com/pub/security/tools
4.3 Installing Fixed Binaries
Upgrade the affected binaries with the following sequence:
Download p533176.713.image to the /var/spool/pkg directory
# pkgadd -d /var/spool/pkg/p533176.713.image
UnixWare 7.1.4
5.1 Location of Fixed Binaries
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.9
5.2 Verification
1b8fa986357036a8be043b642cc47e56 p533176.714.image
md5 is available for download from
ftp://ftp.sco.com/pub/security/tools
5.3 Installing Fixed Binaries
Upgrade the affected binaries with the following sequence:
Download p533176.714.image to the /var/spool/pkg directory
# pkgadd -d /var/spool/pkg/p533176.714.image
References
Specific references for this advisory:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2934
SCO security resources:
http://www.sco.com/support/security/index.html
SCO security advisories via email
http://www.sco.com/support/forums/security.html
This security fix closes SCO incidents fz533176.
Disclaimer
SCO is not responsible for the misuse of any of the information
we provide on this website and/or through our security
advisories. Our advisories are a service to our customers intended
to promote secure installation and use of SCO products.
Acknowledgments
SCO would like to thank iDEFENSE for reporting this vulnerability.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (UnixWare)
iD8DBQFD+8opaqoBO7ipriERAjDDAJsGF+jQxvdXGodCYyOizM4zWX6kBwCdFlWc
+wSF78NCwxKxa9xx7cU3KMg=
=YZgG
-----END PGP SIGNATURE-----