


Category:   OS (UNIX)  >   uidadmin
Vendors:   Caldera/SCO
Caldera (SCO) UnixWare/Open UNIX uidadmin Utility May Let Local Users Obtain Root Level Access via a Buffer Overflow
SecurityTracker Alert ID:  1002278
SecurityTracker URL:
CVE Reference:   GENERIC-MAP-NOMATCH
Date:  Aug 27 2001
Impact:   Execution of arbitrary code via local system, Root access via local system
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): UnixWare 7, Open Unix 8.0.0
Description:   Caldera (SCO) reported a vulnerability in the uidadmin utility for Open Linux (UnixWare). The security hole may allow local users to execute arbitrary code on the system with root level privileges.

It is reported that a long argument supplied to the uidadmin utility using the "-S" (scheme) command line switch will cause uidadmin to crash due to a buffer overflow. A local user may be able to obtain root privileges.

Impact:   A local user may be able to obtain root privileges.
Solution:   The vendor has released a fix, available at:

md5 checksums:

Vendor URL:
Cause:   Boundary error
Underlying OS:  UNIX (Open UNIX-SCO)

Message History:   None.

 Source Message Contents

Subject:  Security Update: [CSSA-2001-SCO.14] Open Unix, UnixWare: uidadmin buffer overflow


To: security-announce@=


	    Caldera International, Inc. Security Advisory

Subject:		Open Unix, UnixWare: uidadmin buffer overflow
Advisory number: 	CSSA-2001-SCO.14
Issue date: 		2001 August 23
Cross reference:

1. Problem Description
	A very long argument to the uidadmin "-S" (scheme) argument
	causes uidadmin to core dump. This might be exploited by an
	unauthorized user to gain privilege.

2. Vulnerable Versions

	Operating System	Version		Affected Files
	UnixWare 7		All		/usr/bin/uidadmin
	Open Unix		8.0.0		/usr/bin/uidadmin

3. Workaround


4. UnixWare 7, Open Unix

  4.1 Location of Fixed Binaries

  4.2 Verification

	md5 checksums:
	6778640ca80a88ed3af993adbe839bfb	erg711722a.Z

	md5 is available for download from

  4.3 Installing Fixed Binaries

	Upgrade the affected binaries with the following commands:

	# uncompress /tmp/erg711722a.Z
	# pkgadd -d /tmp/erg711722a

5. References

6. Disclaimer

	Caldera International, Inc. is not responsible for the misuse
	of any of the information we provide on our website and/or
	through our security advisories. Our advisories are a service
	to our customers intended to promote secure installation and
	use of Caldera International products.
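
Added example (not part of the Caldera advisory or the SecurityTracker entry): a shell wrapper that runs the two install commands from section 4.3 only after the downloaded file matches the MD5 published in section 4.2. The function names and the use of md5sum or openssl as the hashing tool are assumptions; the advisory only refers to a tool named "md5".

```sh
#!/bin/sh
# Added example: gate the advisory's install commands on the published MD5.
# Checksum and file name are copied from sections 4.2 and 4.3 above.
EXPECTED_MD5="6778640ca80a88ed3af993adbe839bfb"
PATCH_FILE="/tmp/erg711722a.Z"

# Print the hex MD5 of a file in lowercase. Using md5sum or openssl is an
# assumption; the advisory itself only refers to a tool named "md5".
file_md5() {
    if command -v md5sum >/dev/null 2>&1; then
        sum=$(md5sum < "$1") || return 1
        sum=${sum%% *}          # "hash  -"           -> "hash"
    elif command -v openssl >/dev/null 2>&1; then
        sum=$(openssl md5 < "$1") || return 1
        sum=${sum##* }          # "MD5(stdin)= hash"  -> "hash"
    else
        echo "no MD5 tool found" >&2
        return 2
    fi
    printf '%s\n' "$sum" | tr 'A-F' 'a-f'
}

# Return 0 only when the file exists and its MD5 equals the expected value.
# The comparison ignores the case of the hex digits.
verify_md5() {
    [ -f "$1" ] || { echo "missing: $1" >&2; return 1; }
    want=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    got=$(file_md5 "$1") || return 1
    if [ "$got" = "$want" ]; then
        return 0
    fi
    echo "MD5 mismatch for $1: got $got, want $want" >&2
    return 1
}

# Run the advisory's two commands only after the checksum matches.
install_fix() {
    verify_md5 "$PATCH_FILE" "$EXPECTED_MD5" || return 1
    uncompress "$PATCH_FILE" && pkgadd -d "${PATCH_FILE%.Z}"
}

# Run as root with the single argument "install"; otherwise nothing happens.
if [ "${1:-}" = "install" ]; then
    install_fix
fi
```

A mismatch or a missing file stops the script before uncompress and pkgadd are reached, so an altered or truncated download is never handed to the package tools.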

