Description
This article is from the Security Patches FAQ, by Christopher Klaus cklaus@iss.net with numerous contributions by
others.
3 - Particular Vulnerabilities (Security Patches) p2
The Santa Cruz Operation
SCO systems are not vulnerable to the IDENT problem. Systems running the
MMDF mail system are not vulnerable to the remote or local problems.
The following releases of SCO products are vulnerable to the local problems.
SCO TCP/IP 1.1.x for SCO Unix System V/386 Operating System
Release 3.2
Versions 1.0 and 2.0
SCO TCP/IP 1.2.x for SCO Unix System V/386 Operating System
Release 3.2
Versions 4.x
SCO TCP/IP 1.2.0 for SCO Xenix System V/386 Operating System
Release 2.3.4
SCO Open Desktop Lite Release 3.0
SCO Open Desktop Release 1.x, 2.0, and 3.0
SCO Open Server Network System, Release 3.0
SCO Open Server Enterprise System, Release 3.0
Patches are currently being developed for the release 3.0 and 1.2.1 based
products. The latest sendmail available from SCO, on Support Level
Supplement (SLS) net382d, is also vulnerable.
Contacts for further information:
e-mail: support@sco.COM
USA, Canada, Pacific Rim, Asia, Latin America 6am-5pm Pacific Daylight Time
(PDT)
1-408-425-4726 (voice)
1-408-427-5443 (fax)
Europe, Middle East, Africa: 9am-5:30pm British Standard Time (BST)
+44 (0)923 816344 (voice)
+44 (0)923 817781 (fax)
Sequent Computer Systems
Sequent customers should contact Sequent Customer Service and request the
Fastpatch for sendmail.
phone: 1-800-854-9969.
e-mail: service-question@sequent.com
Silicon Graphics, Inc.
At the time of writing of this document, patches/binaries are planned for
IRIX versions 4.x, 5.2, 5.3, 6.0, and 6.0.1 and will be available to all SGI
customers.
The patches/binaries may be obtained via anonymous ftp (ftp.sgi.com) or from
your support/service provider.
On the anonymous ftp server, the binaries/patches can be found in either
~ftp/patches or ~ftp/security directories along with more current pertinent
information.
For any issues regarding this patch, please, contact your support/service
provider or send email to cse-security-alert@csd.sgi.com .
Sony Corporation
NEWS-OS 6.0.3 vulnerable; Patch SONYP6022 [sendmail] is available.
NEWS-OS 6.1 vulnerable; Patch SONYP6101 [sendmail] is available.
NEWS-OS 4.2.1 vulnerable; Patch 0101 [sendmail-3] is available.
Note that this patch is not included in 4.2.1a+.
Patches are available via anonymous FTP in the
/pub/patch/news-os/un-official directory on ftp1.sony.co.jp [202.24.32.18]:
4.2.1a+/0101.doc describes about patch 0101 [sendmail-3]
4.2.1a+/0101_C.pch patch for NEWS-OS 4.2.1C/a+C
4.2.1a+/0101_R.pch patch for NEWS-OS 4.2.1R/RN/RD/aRD/aRS/a+R
6.0.3/SONYP6022.doc describes about patch SONYP6022 [sendmail]
6.0.3/SONYP6022.pch patch for NEWS-OS 6.0.3
6.1/SONYP6101.doc describes about patch SONYP6101 [sendmail]
6.1/SONYP6101.pch patch for NEWS-OS 6.1
Filename BSD SVR4
Checksum Checksum
-------------- --------- ---------
4.2.1a+/0101.doc 55361 2 19699 4
4.2.1a+/0101_C.pch 60185 307 25993 614
4.2.1a+/0101_R.pch 35612 502 31139 1004
6.0.3/SONYP6022.doc 03698 2 36652 4
6.0.3/SONYP6022.pch 41319 436 20298 871
6.1/SONYP6101.doc 40725 2 3257 3
6.1/SONYP6101.pch 37762 434 4624 868
MD5 checksums are:
MD5 (4.2.1a+/0101.doc) = c696c28abb65fffa5f2cb447d4253902
MD5 (4.2.1a+/0101_C.pch) = 20c2d4939cd6ad6db0901d6e6d5ee832
MD5 (4.2.1a+/0101_R.pch) = 840c20f909cf7a9ac188b9696d690b92
MD5 (6.0.3/SONYP6022.doc) = b5b61aa85684c19e3104dd3c4f88c5c5
MD5 (6.0.3/SONYP6022.pch) = 1e4d577f380ef509fd5241d97a6bcbea
MD5 (6.1/SONYP6101.doc) = 62601c61aef99535acb325cf443b1b25
MD5 (6.1/SONYP6101.pch) = 87c0d58f82b6c6f7811750251bace98c
If you need further information, contact your vendor.
Solbourne
Grumman System Support Corporation now performs all Solbourne software and
hardware support. Please contact them for further information.
e-mail: support@nts.gssc.com
phone: 1-800-447-2861
Continue to:
Share and Enjoy
Bookmark this story so others can enjoy it:
Tags
security, patches
