From: Rhonda Powers <rhondap@stage.caldera.com>
Subject: SSE info file
Date: Thu, 1 Feb 2001 15:04:02 GMT
Welcome to the System Security Enhancement (SSE) Area
----------------------------------------------------
The System Security Enhancement (SSE) directory is here to
provide timely fixes to problems with system security. Binaries
acquired from this directory are to be considered preliminary fixes
only, and have not been fully tested or integrated. As such, these
patches are not officially supported. They are provided as a timely
response to security concerns that have been brought to the
attention of The Santa Cruz Operation.
When final, approved patches are available, usually by a Support Level
Supplement, the README files below will be modified to indicate the
existence of the finalized version of the supplement.
SCO reserves the right to change the contents of these supplements at
any time.
These Supplements should be available in the following locations:
site            directory    method
----            ---------    ------
ftp.sco.COM:    /SSE         Internet anonymous ftp
List of New System Security Enhancements
----------------------------------------
New on 23-OCT-00:
sse037: Multiple Vulnerabilities in SCO OpenServer 5.0.5
New on 12-OCT-00:
sse061: Customers using UnixWare 7 Release 7.1.0 and
7.1.1 should not install SSE061 as it has been
superseded by PTF7664a. Customers using older UnixWare
7 releases (e.g. 7.0.0 and 7.0.1) should continue to
use SSE061. ptf7664a is available from the
ftp://stage.caldera.com/SLS directory at ftp.caldera.com.
New on 28-SEP-00:
sse064: The UnixWare 7.1.0-UnixWare 7.1.1 SSE for EELS has been removed
and is superseded by ptf7663. ptf7663 is available from
the ftp://stage.caldera.com/SLS directory.
New on 10 August 2000
SSE071 released: Open Server 5.0.0 through 5.0.6 enhancement for scohelp.
Setuid programs that can invoke scohelp do not remove privileges.
ptf7449 released: UnixWare 7.1.0 enhancement for /etc/ftpd. Vulnerability in
WU-FTPD can allow unprivileged users to obtain "root" permissions.
ptf7658 re-released: UnixWare 7.1.1 enhancement for /etc/ftpd. Vulnerability in
WU-FTPD can allow unprivileged users to obtain "root" permissions.
(minor change in release letter, no functional changes)
SSE068 re-released: Open Server 5.0.0 through 5.0.5 enhancement for
/etc/sysadm.d/bin/user0sa. Allows unprivileged users to overwrite
files with group "auth" permissions.
SSE069 re-released: Open Server 5.0.0 through 5.0.5 enhancement for
/usr/lib/libX11* and /usr/lib/libXt*.
SSE070 re-released: Open Server 5.0.5 or earlier enhancement for /etc/ftpd.
Vulnerability in WU-FTPD can allow unprivileged users to obtain
"root" permissions.
Security Bulletin SB-00.16 released for SSE071
Security Bulletins SB-00.13, SB-00.14 and SB-00.15 re-released to reflect
above changes.
New on 4 August 2000
SSE068 re-released: Open Server 5.0.5 enhancement for
/etc/sysadm.d/bin/user0sa. Allows unprivileged users to overwrite
files with group "auth" permissions.
SSE069 re-released: Open Server enhancement for /usr/lib/libX11* and
/usr/lib/libXt*.
Security Bulletins SB-00.13 and SB-00.15 re-released to reflect above changes.
CONNECTION INFORMATION
----------------------
For anonymous ftp connection:
-----------------------------
Directory Name: /SSE
ftp to ftp.caldera.com
Login name: ftp
Password: your email address
ftp to ftp.uu.net (NOTE: areas are located in the ./sco-archive directory)
Login name: ftp
Password: your email address
For ftp via World Wide Web:
---------------------------
URL to open: ftp://stage.caldera.com
-------------------------------------------------------------------------------
List of available Security Enhancement (SSE) files:
Numbers in parentheses are checksums of the files, generated using the "sum"
utility with the -r option. Example: sum -r sse001.tar.Z
NOTE: These files are for downloading only. They CANNOT be obtained
from SCO on diskette.
NOTE: Please see the ".ltr" files for details of what security issues are
addressed by each Security Enhancement.
NOTE: Fixes for SCO Open Desktop/Open Server Release 3.0 are also
applicable to SCO UNIX 3.2v4 and/or SCO TCP/IP 1.2.
NOTE: Fixes for SCO OpenServer Release 5.0 are also applicable to
the SCO Internet FastStart product.
File name    Size in bytes (checksum)    Description
-------------------------------------------------------------------------------
sse007.ltr.Z 1288 (65345) Replacement /usr/bin/at binary for:
sse007.tar.Z 119553 (49079) SCO CMW+ 3.0
SCO Open Desktop/Open Server Release 3.0
SCO OpenServer Release 5.0
SCO UnixWare 2.1
-------------------------------------------------------------------------------
sse009b.ltr 1641 (29367) Replacement /usr/bin/X11/scoterm binary for :
sse009b.tar.Z 148722 (59766) SCO Open Desktop/Open Server Release 3.0
NOTE: For OpenServer 5, the original sse009 has been superseded by:
ftp://stage.caldera.com/SLS/oss473a
-------------------------------------------------------------------------------
sse010.ltr 4371 (61746) Replacement TCP driver for:
sse010.tar.Z 202243 (39053) SCO OpenServer Release 5.0
SCO Open Desktop/Open Server Release 3.0
SCO UnixWare 2.1
SCO CMW+ 3.0
-------------------------------------------------------------------------------
sse011.ltr 2431 (22503) Replacement FTP daemon for
sse011.tar.Z 129969 (19774) SCO OpenServer Release 5.0.0, 5.0.2 and 5.0.4
SCO Open Desktop/Open Server Release 3.0
SCO UnixWare 2.1
SCO CMW+ 3.0
-------------------------------------------------------------------------------
sse012.ltr 2963 (47647) Replacement named binaries for:
sse012.tar.Z 1722386 (19726) SCO Open Desktop/Open Server Release 3.0
SCO OpenServer Release 5.0
SCO UnixWare 2.1
SCO UnixWare 7
-------------------------------------------------------------------------------
sse013.ltr 2030 (00215) Replacement pop server binary for
sse013.tar.Z 59911 (07838) SCO OpenServer 5.0.0, 5.0.2, 5.0.4
SCO Internet FastStart Release 1.0, 1.1
(posted 15-JUL-98)
------------------------------------------------------------------------------
sse014b.ltr 2338 (38104) Replacement imapd binaries for
sse014b.tar.Z 336879 (31525) SCO UnixWare 7
SCO OpenServer 5.0.5
(posted 17-JUL-98, updated 06-OCT-98)
------------------------------------------------------------------------------
sse015.ltr 2309 (05859) Replacement ToolTalk binaries for
sse015.tar.Z 331379 (20376) SCO UnixWare 7
(posted 15-SEP-98)
------------------------------------------------------------------------------
sse016.ltr 2488 (15726) Replacement mscreen binaries for
sse016.tar.Z 32602 (31228) SCO OpenServer 5
SCO Open Desktop/Open Server 3
(posted 06-OCT-98)
------------------------------------------------------------------------------
sse017.ltr 2682 (35378) Replacement (old version) rdist binaries for:
sse017.tar.Z 165709 (52472) SCO OpenServer 5
SCO Open Desktop/Open Server 3
SCO CMW+ 3
(posted 13-OCT-98)
-------------------------------------------------------------------------------
sse018.ltr 2240 (03397) Replacement bootpd binaries for:
sse018.tar.Z 166071 (09381) SCO OpenServer 5
SCO Open Desktop/Open Server 3
SCO UnixWare 7
SCO UnixWare 2.1
(posted 15-JAN-99)
-------------------------------------------------------------------------------
sse019.ltr 1733 (22999) Replacement calserver binary for:
sse019.tar.Z 242141 (59282) SCO OpenServer 5
(posted 27-JAN-99)
-------------------------------------------------------------------------------
sse020.ltr 2338 (59672) Replacement rshd and scheme binaries for
sse020.tar.Z 241969 (64951) SCO OpenServer 5.0.5
SCO UnixWare 7
SCO UnixWare 2.1
(posted 15-JAN-99)
-------------------------------------------------------------------------------
sse021b.ltr 1892 (11467) Replacement ftpd binary for
sse021b.tar.Z 234471 (25002) SCO OpenServer 5
SCO UnixWare 7
(posted 26-FEB-99)
-------------------------------------------------------------------------------
sse022.ltr 5473 (41133) Replacement Sendmail binaries
sse022.tar 1034240 (28239) SCO OpenServer 5
SCO UnixWare 7
(posted 05-MAR-99)
-------------------------------------------------------------------------------
sse023.ltr 1510 (62292) Replacement rshd binary for OpenServer.
sse023.tar.Z 35518 (39944) OpenServer 5.00, 5.02, 5.04. Not 5.0.5.
(posted 05-MAR-99)
-------------------------------------------------------------------------------
sse024b.ltr 2552 (48156) Replacement xserver binary for
sse024b.tar.Z 2324651 (54200) SCO OpenServer 5
SCO UnixWare 2.1
SCO Open Desktop/Open Server 3
(posted 18-JUN-99)
-------------------------------------------------------------------------------
sse026.ltr 1497 (12930) Corrects file permissions for Netscape servers
sse026.tar.Z 8076 (59538) in the following cases,
SCO UnixWare 2.1.3 :
Netscape FastTrack Server 2.0
Netscape Enterprise Server 2.0
Netscape Proxy Server 2.5
SCO UnixWare 7.0.1 and 7.0.0 systems:
Netscape FastTrack 2.01
-------------------------------------------------------------------------------
sse027.ltr 2520 (03398) Packaging commands have unnecessary privilege.
This problem exists in UW7.1.0 only.
See ptf7408 for fix.
-------------------------------------------------------------------------------
sse028.ltr 976 (26920) Security vulnerability in sendmail.
sse028.tar 61440 (30786) Replacement files SCO UnixWare 7.1.0 and
earlier releases.
-------------------------------------------------------------------------------
sse029.ltr 1117 (26655) Security vulnerability in mailcap.
sse029.tar 40960 (46097) Replacement files SCO UnixWare 7.1.0 and
earlier releases.
-------------------------------------------------------------------------------
sse030.ltr 1224 (27428) Buffer overflow in rpc.cmsd.
sse030.tar 184320 (25976) Replacement binary for all SCO UnixWare 7
releases.
-------------------------------------------------------------------------------
sse031.ltr 1051 (01243) Denial of service problem in passthru driver.
sse031.tar 40960 (39359) Replacement driver for UnixWare 7.1.0 only.
-------------------------------------------------------------------------------
sse034.ltr 1007 (06014) Ftp daemon security hole.
sse034.tar.Z 143891 (60689) Replacement binaries for UnixWare 2.x.x only.
-------------------------------------------------------------------------------

sse033.ltr 1217 (59310) BIND Security Update
sse033.tar.Z 2568757 (05513) Replacement binaries for UnixWare 2 and 7.
-------------------------------------------------------------------------------
sse035.ltr 979 (65490) Ftp daemon security hole.
sse035.tar.Z 114363 (54398) Replacement binaries for UnixWare 7.x.x only.
-------------------------------------------------------------------------------
sse036.ltr 1527 (42905) Ftp daemon security hole.
sse036.tar.Z 93379 (27264) Replacement binaries for OpenServer 5.0.0 through 5.0.0.
-------------------------------------------------------------------------------
sse037c.ltr 2031 (02252) Multiple Vulnerabilities Found In OpenServer
sse037.tar.Z 730785 (59070) Replacement binaries for OpenServer 5.0.5
-------------------------------------------------------------------------------
sse039.ltr 1118 (01787) SU Security Patch
sse039.tar.Z 283775 (53627) Replacement binaries for UnixWare 2.1.3 and 7 through 7.1.1
-------------------------------------------------------------------------------
sse041.ltr 1503 (63737) Security patch for libnsl and tcpip.so.
sse041.tar.Z 86679 (12292) Replacement binaries for UnixWare 7.0.0 through
UnixWare 7.1.0
-------------------------------------------------------------------------------
sse042.ltr 892 (60662) Security patch for xlock.
sse042.tar 81920 (14590) Replacement binaries for UnixWare 7.0.0 through
UnixWare 7.1.1.
-------------------------------------------------------------------------------
sse043-044-045.ltr 1557 (50683) UnixWare 7.0.0 Security Patch.
sse043.tar 378890 (61191) Replacement binaries for UnixWare 7.0.0.
-------------------------------------------------------------------------------
sse043-044-045.ltr 1557 (50683) UnixWare 7.0.1 Security Patch.
sse044.tar 440320 (02309) Replacement binaries for UnixWare 7.0.1.
-------------------------------------------------------------------------------
sse043-044-045.ltr 1557 (50683) UnixWare 7.1.0 Security Patch.
sse045.tar 389120 (61168) Replacement binaries for UnixWare 7.1.0.
-------------------------------------------------------------------------------
sse046.ltr 962 (27279) uidadmin patch.
sse046.tar 40068 (20912) Replacement binaries for UnixWare 7.0.0 -
UnixWare 7.1.1.
-------------------------------------------------------------------------------
sse047.ltr 1084 (03917) xauto patch.
sse047.tar 122880 (08473) Replacement binaries for SCO UnixWare
7.0.0 - 7.1.1. SCO UnixWare 2.
-------------------------------------------------------------------------------
sse048-049-051-052.ltr 1996 (18007) UnixWare 7.0.0 mail clients
sse048.tar 1208320 (30114) Replacement binaries for UnixWare 7.0.0
-------------------------------------------------------------------------------
sse048-049-051-052.ltr 1996 (18007) UnixWare 7.0.1 mail clients
sse049.tar 1239040 (61342) Replacement binaries for UnixWare 7.0.1
-------------------------------------------------------------------------------
sse050c.ltr 3475 (50059) OpenServer security patch.
sse050c.tar.Z 2741765 (18053) Replacement binaries for OpenServer
5.0.5 only.
-------------------------------------------------------------------------------
sse048-049-051-052.ltr 1996 (18007) UnixWare 7.1.0 mail clients
sse051.tar 1228800 (05355) Replacement binaries for UnixWare 7.1.0
-------------------------------------------------------------------------------
sse048-049-051-052.ltr 1996 (18007) UnixWare 7.1.1 mail clients
sse052.tar 1228800 (34873) Replacement binaries for UnixWare 7.1.1
-------------------------------------------------------------------------------
sse054.ltr 1207 (35151) Buffer overflow in in.i2odialogd
sse054.tar 40960 (15473) Replacement binary for SCO UnixWare
7.0.0 - 7.1.1
-------------------------------------------------------------------------------
sse055.ltr 1775 (56781) OpenServer package tool security update
sse055.tar.Z 762051 (53809) Replacement binaries for SCO OpenServer
-------------------------------------------------------------------------------
sse056.ltr 1361 (37248) UnixWare 7.0.0 SSE for rtpm.
sse056.tar.Z 225427 (60138)
-------------------------------------------------------------------------------
sse057.ltr 1363 (43319) UnixWare 7.0.1 SSE for rtpm.
sse057.tar.Z 226817 (22733)
-------------------------------------------------------------------------------
sse058.ltr 1399 (10621) UnixWare 7.1.0 SSE for rtpm.
sse058.tar.Z 264411 (52521)
-------------------------------------------------------------------------------
sse059.ltr 1375 (21776) UnixWare 7.1.1 SSE for rtpm.
sse059.tar.Z 230441 (44213)
-------------------------------------------------------------------------------
sse060.ltr 1046 (37872) UnixWare 7.0.0 - UnixWare 7.1.1
sse060.tar.Z 36142 (52981) scohelp security patch
-------------------------------------------------------------------------------
sse061.ltr 947 (01458) UnixWare 7.0.0 - UnixWare 7.1.1
sse061.tar.Z 58095 (45130) cu security patch
-------------------------------------------------------------------------------
sse062.ltr 2838 (18042) MMDF Vulnerabilities Found In
sse062.tar.Z 1840230 (56481) SCO OpenServer 5
-------------------------------------------------------------------------------
sse063.ltr 1729 (62441) ARCserve startup script symlink
sse063.tar.Z 9935 (23038) vulnerability in SCO OpenServer 5
-------------------------------------------------------------------------------
sse064 ----> The UnixWare 7.1.0-UnixWare 7.1.1 SSE for EELS has been removed
and is superseded by ptf7663. ptf7663 is available from
ftp://stage.caldera.com/SLS directory.
-------------------------------------------------------------------------------
sse065.ltr 1122 (61447) UnixWare 7.1.0 - UnixWare 7.1.1 SSE
sse065.tar.Z 93263 (16885) for telnet.
-------------------------------------------------------------------------------
sse066.ltr 1138 (25257) UnixWare 7.0.1 - UnixWare 7.1.1 SSE
sse066.tar.Z 90907 (49467) for ftp.
-------------------------------------------------------------------------------
sse067.ltr 1140 (14228) UnixWare 7.0.0 SSE for ftp.
sse067.tar.Z 89173 (49169)
-------------------------------------------------------------------------------
sse068d.ltr 2121 (56166) OpenServer 5.0.0 through 5.0.5
sse068d.tar.Z 1584406 (03244) for user0sa
-------------------------------------------------------------------------------
sse069c.ltr 2489 (54762) OpenServer 5.0.0 through 5.0.5 for
sse069c.tar.Z 702175 (08450) /usr/lib/X11
-------------------------------------------------------------------------------
sse070b.ltr 2199 (17058) OpenServer 5.0.5 or earlier for
sse070b.tar.Z 71068 (27700) /etc/ftpd
-------------------------------------------------------------------------------
ptf7658a.txt 2359 (50491) UnixWare 7.1.1 fix for /etc/ftpd
ptf7658a.Z 134745 (31887)
-------------------------------------------------------------------------------
ptf7449a.txt 2509 (33980) UnixWare 7.1.0 fix for /etc/ftpd
ptf7449a.Z 134821 (24529)
-------------------------------------------------------------------------------
sse071.ltr 2150 (14812) OpenServer 5.0.0 through 5.0.6 for
sse071.tar.Z 273496 (45777) scohelp
-------------------------------------------------------------------------------