[ advisories | exploits | discussions | news | conventions | security tools | texts & papers ]
 main menu
- feedback
- advertising
- privacy
- FightAIDS
- newsletter
- news
 
 discussions
- read forum
- new topic
- search
 

 meetings
- meetings list
- recent additions
- add your info
 
 top 100 sites
- visit top sites
- sign up now
- members
 
 webmasters

- add your url
- add domain
- search box
- link to us

 
 projects
- our projects
- free email
 
 m4d network
- security software
- secureroot
- m4d.com
Home : Advisories : ConvexOS and ConvexOS/Secure Vulnerabilities

Title: ConvexOS and ConvexOS/Secure Vulnerabilities
Released by: CERT
Date: 16th December 1992
Printable version: Click here
-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1



CA-92:21   

Last Revised:  September 19,1997

                Attached copyright statement

        

                           CERT Advisory

                            December 16, 1992

                ConvexOS and ConvexOS/Secure Vulnerabilities



- ---------------------------------------------------------------------------



The CERT Coordination Center has received information concerning

several vulnerabilities in the following CONVEX Computer Corporation

products: ConvexOS/Secure, CONVEX CXbatch, CONVEX Storage Manager

(CSM), and ConvexOS EMACS.  These vulnerabilities can affect ConvexOS

versions V6.2 - V10.2 and ConvexOS/Secure versions V9.5 and V10.0 on

all supported architectures.



CONVEX is aware of the vulnerabilities, and fixes or workarounds are

available.  Three of the fixes are implemented as full Engineering

Change Notice (ECN) patches and, as such, will be shipped with all new

systems as well as being released as upgrades for the products

CXbatch, CSM and ConvexOS/Secure.  There is a workaround available for

the ConvexOS EMACS vulnerability. CONVEX is currently incorporating

the fixes to these vulnerabilities into future releases of each

product.  Future shipments of these products should not be vulnerable

to these problems.



If you have any questions about the affected products, please contact

your CONVEX representative or the CONVEX Technical Assistance Center

(TAC) at 1-800-952-0379.



- -----------------------------------------------------------------------------



ConvexOS/Secure: passwd patch



I.    Description



      The "passwd" command in ConvexOS/Secure contains a security

      vulnerability in versions V9.5 and V10.0 of ConvexOS/Secure.

      This vulnerability has been fixed in ConvexOS/Secure V10.1.



II.   Impact



      Local users can gain unauthorized root access.



III.  Solution



      Obtain and install ConvexOS/Secure V10.0.2 - Part No.

      710-007815-008.





- ------------------------------------------------------------------------------



Convex CXbatch: qmgr patch



I.    Description



      The "qmgr" command in CONVEX CXbatch versions V1.0 - V2.1.3

      contains a security vulnerability.  This vulnerability is 

      present in ConvexOS V6.2 - V10.2 on systems that have installed 

      the optional CXbatch facility.



II.   Impact



      Local users can gain unauthorized root access.



III.  Solution



      A.  As root, rename the existing version of /usr/convex/qmgr and

          modify the permission (from 6755 to 700) to prevent misuse.



          # /bin/mv /usr/convex/qmgr /usr/convex/qmgr.orig

          # /bin/chmod 700 /usr/convex/qmgr.orig



      B.  Next, obtain and install CONVEX CXbatch V2.1.4 - Part No.

          710-007830-011.



- ------------------------------------------------------------------------------



Convex CSM: migmgr patch



I.    Description



      The "migmgr" command in CONVEX CSM contains a security

      vulnerability, in ConvexOS version V10.1 of systems that have

      installed the CSM facility.  This vulnerability will be fixed

      in the next CSM release.



II.   Impact



      Local users can gain unauthorized root access.



III.  Solution



      A.  As root, rename the existing version of /usr/csm/bin/migmgr and

          modify the permission (from 4755 to 700) to prevent misuse.



          # /bin/mv /usr/csm/bin/migmgr /usr/csm/bin/migmgr.orig

          # /bin/chmod 700 /usr/csm/bin/migmgr.orig



      B.  Next, obtain and install CONVEX CSM V1.0.1 - Part No.

          710-011315-003



- ------------------------------------------------------------------------------



ConvexOS: EMACS editor workaround



I.    Description



      The EMACS Editor in ConvexOS contains a security vulnerability,

      in ConvexOS versions V9.0 - V10.2.



II.   Impact



      Local users can gain unauthorized access to /dev/kmem.



III.  Solution



      As root, remove the setgid bit from /usr/convex/emacs.



          # /bin/chmod 755 /usr/convex/emacs



- ------------------------------------------------------------------------------ 

The CERT Coordination Center wishes to thank the CONVEX Computer

Corporation for their response to these problems.  We would also like

to thank Bob Vickers from the University of London Computer Centre,

London, England, for reporting the CXbatch problem to us.

- ------------------------------------------------------------------------------ 



If you believe that your system has been compromised, contact the CERT

Coordination Center or your representative in FIRST (Forum of Incident

Response and Security Teams).



Internet E-mail: cert@cert.org

Telephone: 412-268-7090 (24-hour hotline)

           CERT personnel answer 7:30 a.m.-6:00 p.m. EST(GMT-5)/EDT(GMT-4),

           on call for emergencies during other hours.



CERT Coordination Center

Software Engineering Institute

Carnegie Mellon University

Pittsburgh, PA 15213-3890



Past advisories, information about FIRST representatives, and other

information related to computer security are available for anonymous FTP

from cert.org (192.88.209.5).



- ------------------------------------------------------------------------------



Copyright 1992 Carnegie Mellon University. Conditions for use, disclaimers,

and sponsorship information can be found in

http://www.cert.org/legal_stuff.html and http://ftp.cert.org/pub/legal_stuff .

If you do not have FTP or web access, send mail to cert@cert.org with

"copyright" in the subject line.



CERT is registered in the U.S. Patent and Trademark Office.



~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



Revision History:



September 19,1997  Attached Copyright Statement



-----BEGIN PGP SIGNATURE-----

Version: PGP for Personal Privacy 5.0

Charset: noconv



iQA/AwUBOBS+zlr9kb5qlZHQEQIvOQCffYFMBxfI+/GkOFDUZ9S5KQhVwF0An30L

eZwAtgn5VoDesoIXQft+hHkN

=rry2

-----END PGP SIGNATURE-----








(C) 1999-2000 All rights reserved.