158 lines
5.3 KiB
Plaintext
158 lines
5.3 KiB
Plaintext
|
|
-----BEGIN PGP SIGNED MESSAGE-----
|
|
|
|
CA-92:21 CERT Advisory
|
|
December 16, 1992
|
|
ConvexOS and ConvexOS/Secure Vulnerabilities
|
|
|
|
- ---------------------------------------------------------------------------
|
|
|
|
The CERT Coordination Center has received information concerning
|
|
several vulnerabilities in the following CONVEX Computer Corporation
|
|
products: ConvexOS/Secure, CONVEX CXbatch, CONVEX Storage Manager
|
|
(CSM), and ConvexOS EMACS. These vulnerabilities can affect ConvexOS
|
|
versions V6.2 - V10.2 and ConvexOS/Secure versions V9.5 and V10.0 on
|
|
all supported architectures.
|
|
|
|
CONVEX is aware of the vulnerabilities, and fixes or workarounds are
|
|
available. Three of the fixes are implemented as full Engineering
|
|
Change Notice (ECN) patches and, as such, will be shipped with all new
|
|
systems as well as being released as upgrades for the products
|
|
CXbatch, CSM and ConvexOS/Secure. There is a workaround available for
|
|
the ConvexOS EMACS vulnerability. CONVEX is currently incorporating
|
|
the fixes to these vulnerabilities into future releases of each
|
|
product. Future shipments of these products should not be vulnerable
|
|
to these problems.
|
|
|
|
If you have any questions about the affected products, please contact
|
|
your CONVEX representative or the CONVEX Technical Assistance Center
|
|
(TAC) at 1-800-952-0379.
|
|
|
|
- -----------------------------------------------------------------------------
|
|
|
|
ConvexOS/Secure: passwd patch
|
|
|
|
I. Description
|
|
|
|
The "passwd" command in ConvexOS/Secure contains a security
|
|
vulnerability in versions V9.5 and V10.0 of ConvexOS/Secure.
|
|
This vulnerability has been fixed in ConvexOS/Secure V10.1.
|
|
|
|
II. Impact
|
|
|
|
Local users can gain unauthorized root access.
|
|
|
|
III. Solution
|
|
|
|
Obtain and install ConvexOS/Secure V10.0.2 - Part No.
|
|
710-007815-008.
|
|
|
|
|
|
- ------------------------------------------------------------------------------
|
|
|
|
Convex CXbatch: qmgr patch
|
|
|
|
I. Description
|
|
|
|
The "qmgr" command in CONVEX CXbatch versions V1.0 - V2.1.3
|
|
contains a security vulnerability. This vulnerability is
|
|
present in ConvexOS V6.2 - V10.2 on systems that have installed
|
|
the optional CXbatch facility.
|
|
|
|
II. Impact
|
|
|
|
Local users can gain unauthorized root access.
|
|
|
|
III. Solution
|
|
|
|
A. As root, rename the existing version of /usr/convex/qmgr and
|
|
modify the permission (from 6755 to 700) to prevent misuse.
|
|
|
|
# /bin/mv /usr/convex/qmgr /usr/convex/qmgr.orig
|
|
# /bin/chmod 700 /usr/convex/qmgr.orig
|
|
|
|
B. Next, obtain and install CONVEX CXbatch V2.1.4 - Part No.
|
|
710-007830-011.
|
|
|
|
- ------------------------------------------------------------------------------
|
|
|
|
Convex CSM: migmgr patch
|
|
|
|
I. Description
|
|
|
|
The "migmgr" command in CONVEX CSM contains a security
|
|
vulnerability, in ConvexOS version V10.1 of systems that have
|
|
installed the CSM facility. This vulnerability will be fixed
|
|
in the next CSM release.
|
|
|
|
II. Impact
|
|
|
|
Local users can gain unauthorized root access.
|
|
|
|
III. Solution
|
|
|
|
A. As root, rename the existing version of /usr/csm/bin/migmgr and
|
|
modify the permission (from 4755 to 700) to prevent misuse.
|
|
|
|
# /bin/mv /usr/csm/bin/migmgr /usr/csm/bin/migmgr.orig
|
|
# /bin/chmod 700 /usr/csm/bin/migmgr.orig
|
|
|
|
B. Next, obtain and install CONVEX CSM V1.0.1 - Part No.
|
|
710-011315-003
|
|
|
|
- ------------------------------------------------------------------------------
|
|
|
|
ConvexOS: EMACS editor workaround
|
|
|
|
I. Description
|
|
|
|
The EMACS Editor in ConvexOS contains a security vulnerability,
|
|
in ConvexOS versions V9.0 - V10.2.
|
|
|
|
II. Impact
|
|
|
|
Local users can gain unauthorized access to /dev/kmem.
|
|
|
|
III. Solution
|
|
|
|
As root, remove the setgid bit from /usr/convex/emacs.
|
|
|
|
# /bin/chmod 755 /usr/convex/emacs
|
|
|
|
- ------------------------------------------------------------------------------
|
|
The CERT Coordination Center wishes to thank the CONVEX Computer
|
|
Corporation for their response to these problems. We would also like
|
|
to thank Bob Vickers from the University of London Computer Centre,
|
|
London, England, for reporting the CXbatch problem to us.
|
|
- ------------------------------------------------------------------------------
|
|
|
|
If you believe that your system has been compromised, contact the CERT
|
|
Coordination Center or your representative in FIRST (Forum of Incident
|
|
Response and Security Teams).
|
|
|
|
Internet E-mail: cert@cert.org
|
|
Telephone: 412-268-7090 (24-hour hotline)
|
|
CERT personnel answer 7:30 a.m.-6:00 p.m. EST(GMT-5)/EDT(GMT-4),
|
|
on call for emergencies during other hours.
|
|
|
|
CERT Coordination Center
|
|
Software Engineering Institute
|
|
Carnegie Mellon University
|
|
Pittsburgh, PA 15213-3890
|
|
|
|
Past advisories, information about FIRST representatives, and other
|
|
information related to computer security are available for anonymous FTP
|
|
from cert.org (192.88.209.5).
|
|
|
|
|
|
-----BEGIN PGP SIGNATURE-----
|
|
Version: 2.6.2
|
|
|
|
iQCVAwUBMaMxGHVP+x0t4w7BAQEekAP/W2hxnOrDPBbUJKbgaOV2Ub+fvq+9DypV
|
|
6irBxo99sNeNUZkgHXdFSBdETiAh6IHmcfVDIWZ3HpOnURgO00SpohTFtRt1krHc
|
|
tVlIzSGyX6KAaPfjmzWY3mdB7iNiA+cs8pcobQNE98x6zS3U0P2WPTMODfi4Wmqg
|
|
IMjdsThlfWg=
|
|
=UGBZ
|
|
-----END PGP SIGNATURE-----
|
|
|