Info

Disclosure

Oct 20, 2003

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Unknown

Description

SCO OpenServer contains a flaw that may allow a malicious local user to corrupt arbitrary files on the system. The issue is due to the /etc/rpcinit script creating temporary files insecurely. It is possible for a user to use a symlink style attack to manipulate arbitrary files and may gain elevated privileges.

Classification

Location: Local Access Required
Attack Type: Race Condition
Impact: Loss of Integrity
Exploit: Exploit Unknown
Disclosure: OSVDB Verified

Solution

Upgrade to version OpenServer 5.0.6 or higher, as it has been reported to fix this vulnerability. SCO has also made new binaries available that correct this issue.

Products

SCO Group, Inc.	OpenServer	5.0.5
		5.0.6
		5.0.7

References

Related OSVDB ID: 11657 11658 11659 11660 11661 11662 11663 11665
ISS X-Force ID: 13484
CVE ID: 2003-0872 (see also: NVD)
Bugtraq ID: 8864
Vendor Specific Advisory URL: ftp://ftp.sco.com/pub/updates/OpenServer/CSSA-2003-SCO.27/CSSA-2003-SCO.27.txt
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2003-10/0212.html

Credit

Tomasz Kusmierz -

Direct URL: http://osvdb.org/36218

Info

Disclosure

Discovery

Dates

Exploit

Solution

Description

Classification

Solution

Products

SCO Group, Inc.

OpenServer

References

Credit