To: bugtraq@securityfocus.com announce@lists.caldera.com scoannmod@xenitec.on.ca
___________________________________________________________________________
Caldera International, Inc. Security Advisory
Subject: OpenServer 5.0.5: nmap port scanner can kill inetd
Advisory number: CSSA-2001-SCO.33
Issue date: 2001 November 15
___________________________________________________________________________
1. Problem Description
The "nmap" port scanner can kill inetd if invoked with the -P0
flag.
2. Vulnerable Versions
Operating System Version Affected Files
------------------------------------------------------------------
OpenServer 5.0.5 /etc/inetd
3. Workaround
This problem is fixed in the OpenServer 5.0.6 product. If an
OpenServer 5.0.6 machine is available, the inetd binary from
it can be used on the OpenServer 5.0.5 machine.
4. OpenServer
4.1 Location of Fixed Binaries
ftp://stage.caldera.com/pub/security/openserver/CSSA-2001-SCO.33/
4.2 Verification
md5 checksums:
43a9a473c59b6af8314504701f331a86 inetd.Z
md5 is available for download from
ftp://stage.caldera.com/pub/security/tools/
4.3 Installing Fixed Binaries
Upgrade the affected binaries with the following commands:
Download inetd.Z into the /tmp directory
# cd /tmp
# uncompress inetd.Z
# mv /etc/inetd /etc/inetd-
# chmod 0 /etc/inetd-
# mv /tmp/inetd /etc
# chown bin:bin /etc/inetd
# chmod 711 /etc/inetd
5. References
http://lists.insecure.org/nmap-hackers/2000/Jan-Mar/0073.html
This and other advisories are located at
http://stage.caldera.com/support/security
This advisory addresses Caldera Security internal incidents
sr853144, SCO-236-1787, and erg711859.
6. Disclaimer
Caldera International, Inc. is not responsible for the misuse
of any of the information we provide on our website and/or
through our security advisories. Our advisories are a service
to our customers intended to promote secure installation and
use of Caldera International products.
___________________________________________________________________________
PGP signature
