From security@sco.com Tue Aug 26 17:20:55 2003
From: security@sco.com
To: bugtraq@securityfocus.com, announce@lists.caldera.com, full-disclosure@lists.netsys.com, security-alerts@linuxsecurity.com
Date: Tue, 26 Aug 2003 10:07:43 -0700
Reply-To: please_reply_to_security@sco.com
Subject: [Full-Disclosure] OpenLinux: The docview package allows anonymous remote users to view any publicly readable files on an OpenLinux 3.1.1 system.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

__________________________________________________________

                        SCO Security Advisory

Subject:                OpenLinux: The docview package allows anonymous remote users to view any publicly readable files on an OpenLinux 3.1.1 system.
Advisory number:        CSSA-2003-021.0
Issue date:             2003 Aug 25
Cross reference:
__________________________________________________________

1. Problem Description

   Docview provides the OpenLinux System Administration Guide in browser-readable HTML format. Due to a misconfiguration of the Apache server, anonymous remote users can craft a URL that causes the server to return any publicly readable file on the system.

   The Common Vulnerabilities and Exposures (CVE) project has assigned the name CAN-2003-0658 to this issue. This is a candidate for inclusion in the CVE list (http://cve.mitre.org), which standardizes names for security problems.

2. Vulnerable Supported Versions

   System                  Package
   ----------------------------------------------------------
   OpenLinux 3.1.1         docview < 1.1-18

3. Solution

   The proper solution is to install the latest packages. Many customers find it easier to use the Caldera System Updater, called cupdate (or kcupdate under the KDE environment), to update these packages rather than downloading and installing them by hand.

4. OpenLinux 3.1.1 Server

   4.1 Package Location

       ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2003-023.0/RPMS

   4.2 Packages

       3a13ac10c8dea683b04857f15c0ccf0d  docview-1.1-18.i386.rpm

   4.3 Installation

       rpm -Fvh docview-1.1-18.i386.rpm

   4.4 Source Package Location

       ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2003-023.0/SRPMS

   4.5 Source Packages

       3e46a0b62c1f792972adc56eaf9393b9  docview-1.1-18.src.rpm

5. OpenLinux 3.1.1 Workstation

   5.1 Package Location

       ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2003-023.0/RPMS

   5.2 Packages

       3a13ac10c8dea683b04857f15c0ccf0d  docview-1.1-18.i386.rpm

   5.3 Installation

       rpm -Fvh docview-1.1-18.i386.rpm

   5.4 Source Package Location

       ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2003-023.0/SRPMS

   5.5 Source Packages

       3e46a0b62c1f792972adc56eaf9393b9  docview-1.1-18.src.rpm

6. References

   Specific references for this advisory:

       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0658

   SCO security resources:

       http://www.sco.com/support/security/index.html

   This security fix closes SCO incidents: sr882676 fz528140 erg712374.

7. Disclaimer

   SCO is not responsible for the misuse of any of the information we provide on this website and/or through our security advisories. Our advisories are a service to our customers intended to promote secure installation and use of SCO products.

__________________________________________________________

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (SCO_SV)
Comment: For info see http://www.gnupg.org

iEYEARECAAYFAj9KsOQACgkQbluZssSXDTFfKQCg49Zb5dWz2zR/jNIQ2I2b/HKE
roUAoP0bzvV4/YEPfdptTMZDAMcw49sY
=sbjm
-----END PGP SIGNATURE-----
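The advisory gives the fixed release (docview 1.1-18, section 2), the MD5 checksums of the update packages (sections 4.2, 4.5, 5.2, 5.5) and the install command (rpm -Fvh, sections 4.3 and 5.3), but leaves the check-before-install steps to the administrator. The following POSIX shell script is an added example written for this page; it is not SCO's code and is not part of the advisory. It decides from a docview "version-release" string whether the installed package is still below 1.1-18, and verifies a downloaded RPM against the published checksums before the install step. The function names (docview_is_vulnerable, md5_of, verify_md5) are the example's own, and the version comparison assumes the "major.minor-release" scheme this package uses rather than general RPM version ordering.

```shell
#!/bin/sh
# Added example, not part of the SCO advisory: check whether the installed
# docview package is below the fixed release (1.1-18, advisory section 2)
# and verify a downloaded update against the MD5 checksums published in
# sections 4.2 and 4.5 before running "rpm -Fvh" (section 4.3).

FIXED_VERSION="1.1-18"

# Checksums copied from the advisory (sections 4.2/5.2 and 4.5/5.5).
MD5_DOCVIEW_I386="3a13ac10c8dea683b04857f15c0ccf0d"
MD5_DOCVIEW_SRC="3e46a0b62c1f792972adc56eaf9393b9"

# Compare a docview "version-release" string (e.g. "1.1-17") against the
# fixed 1.1-18. Returns 0 (true) when the package is still vulnerable.
# Assumption: the two-component "major.minor-release" scheme this package
# uses; general RPM ordering (epochs, letters) would need rpmvercmp.
docview_is_vulnerable() {
    ver="${1%-*}";  rel="${1##*-}"
    major="${ver%%.*}"; minor="${ver#*.}"
    fixed_ver="${FIXED_VERSION%-*}"; fixed_rel="${FIXED_VERSION##*-}"
    fixed_major="${fixed_ver%%.*}"; fixed_minor="${fixed_ver#*.}"
    [ "$major" -lt "$fixed_major" ] && return 0
    [ "$major" -gt "$fixed_major" ] && return 1
    [ "$minor" -lt "$fixed_minor" ] && return 0
    [ "$minor" -gt "$fixed_minor" ] && return 1
    [ "$rel" -lt "$fixed_rel" ]
}

# Print the MD5 of a file using whichever tool is present
# (md5sum on Linux, openssl elsewhere).
md5_of() {
    if command -v md5sum >/dev/null 2>&1; then
        md5sum "$1" | awk '{print $1}'
    else
        openssl dgst -md5 "$1" | awk '{print $NF}'
    fi
}

# Returns 0 when the file's MD5 equals the expected checksum.
verify_md5() {
    actual="$(md5_of "$1")"
    [ "$actual" = "$2" ]
}

# Stand-alone use: report the installed docview version (when rpm is
# available) and, if an RPM path is given as the first argument, verify it
# against the advisory's checksum before suggesting the install command.
if command -v rpm >/dev/null 2>&1; then
    if installed="$(rpm -q --qf '%{VERSION}-%{RELEASE}' docview 2>/dev/null)"; then
        if docview_is_vulnerable "$installed"; then
            echo "docview $installed is below $FIXED_VERSION: update required (CAN-2003-0658)"
        else
            echo "docview $installed is at or above $FIXED_VERSION: not affected"
        fi
    else
        echo "docview is not installed"
    fi
fi

if [ -n "$1" ]; then
    case "$1" in
        *.src.rpm) expected="$MD5_DOCVIEW_SRC" ;;
        *)         expected="$MD5_DOCVIEW_I386" ;;
    esac
    if verify_md5 "$1" "$expected"; then
        echo "checksum OK for $1; install with: rpm -Fvh $1"
    else
        echo "checksum MISMATCH for $1; do not install" >&2
        exit 1
    fi
fi
```

Run it with no arguments to see whether the installed docview is below the fixed release, or pass the downloaded docview-1.1-18.i386.rpm (or .src.rpm) as the first argument to have its MD5 compared with the advisory's value before running the rpm -Fvh step from section 4.3; a mismatch exits non-zero and prints nothing that suggests installing.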