[ advisories | exploits | discussions | news | conventions | security tools | texts & papers ]
 main menu
- feedback
- advertising
- privacy
- FightAIDS
- newsletter
- news
- read forum
- new topic
- search

- meetings list
- recent additions
- add your info
 top 100 sites
- visit top sites
- sign up now
- members

- add your url
- add domain
- search box
- link to us

- our projects
- free email
 m4d network
- security software
- secureroot
- m4d.com
Home : Advisories : Security Vulnerabilities in "mscreen" Serial Multiscreens Utility

Title: Security Vulnerabilities in "mscreen" Serial Multiscreens Utility
Released by: SCO
Date: 6th October 1998
Printable version: Click here

SCO Security Bulletin 98.05

October 6, 1998

Security Vulnerabilities in "mscreen" Serial Multiscreens Utility

- ---------------------------------------------------------------------------

I.   Description

Security vulnerabilities have been discovered in the SCO "mscreen"

serial multiscreens utility.

II.  Impact

The vulnerabilities could allow local users to gain root privileges.

An exploit script for one of the vulnerabilities has been published,

so we recommend that the patch described below be installed on all

affected systems as soon as possible.

III. Releases

This problem exists on the following releases of SCO operating systems:

     - SCO Open Desktop/Open Server 3.0 (all, also SCO UNIX 3.2v4)

     - SCO OpenServer 5.0 (all, also SCO Internet FastStart)

     - SCO CMW+ 3.0


Other SCO products are not affected.

IV.  Solution

For SCO CMW+, the mscreen utility is non-functional; however, a binary

is installed on the system with the set-user-id attribute.  This should

be disabled by executing the following command logged in as root:

        # chmod 0 /usr/bin/mscreen

For SCO OpenServer 5 and SCO Open Desktop/Open Server 3, SCO is providing

an interim patch to address this issue in the form of a System Security

Enhancement (SSE) package.

SSE016 contains new versions of the mscreen binary for each system type.

It is available for Internet download via anonymous ftp, and from the

SCOFORUM on Compuserve.

You can download the SSE package as follows:

Anonymous ftp (World Wide Web URL):

    http://ftp.sco.COM/SSE/sse016.ltr    (cover letter, ASCII text)

    http://ftp.sco.COM/SSE/sse016.tar.Z  (new binaries, compressed tar file)


    GO SCOFORUM, and search Library 11 (SLS/SSE Files) for these filenames:

        SSE016.LTR      (cover letter, ASCII text)

        SSE016.TAZ      (new binaries, compressed tar file)

Checksums (sum -r):

    15726     5 sse016.ltr

    31228    64 sse016.tar.Z

V.   Updates

This bulletin is available for anonymous ftp download from

http://ftp.sco.COM/SSE/security_bulletins/SB-98.05a, and will be

updated as new information becomes available.

The latest information on security vulnerabilities and fixes from

SCO is available on the world-wide web at http://www.sco.com/security/

VI.  Further Information:

If you have further questions, contact your support provider.  If you

need to contact SCO, please send electronic mail to support@sco.COM, or

contact SCO as follows.

    USA/Canada: 6am-5pm Pacific Time (PST/PDT)


    1-800-347-4381  (voice)

    1-408-427-5443  (fax)

    Pacific Rim, Asia, and Latin American customers: 6am-5pm Pacific

    ------------------------------------------------ Time (PST/PDT)

    1-408-425-4726  (voice)

    1-408-427-5443  (fax)

    Europe, Middle East, Africa: 9am-5:30pm UK Time (GMT/BST)


    +44 (0)1923 816344 (voice)

    +44 (0)1923 817781 (fax)

(C) 1999-2000 All rights reserved.