Description

This article is from the Security Patches FAQ, by Christopher Klaus cklaus@iss.net with numerous contributions by others.

2 - SCO Unix (Security Patches)

Current releases of SCO UNIX (3.2v4.2) and Open Desktop (3.0) has the
following security patches available:

uod368b -- passwd
oda377a -- xterm, scoterm, scosession, clean_screen

These can be downloaded from ftp.sco.com:/SLS. First get the file "info"
which lists the actual filenames and descriptions of the supplements.

Security problems were made aware by 8LGM in the following programs for SCO:

* at(C)
* login(M)
* prwarn(C)
* sadc(ADM)
* pt_chmod

These programs, which allowed regular users to become SuperUser (root),
affect the following SCO Products:

* SCO Unix System V/386 Release 3.2 Versions 4.2, 4.1, and 4.0
* SCO Open Desktop Lite Release 3.0
* SCO Open Desktop Release 3.0 and 2.0
* SCO Open Server Network System Release 3.0
* SCO Open Server Enterprise System Release 3.0

You need the following patches which are available at ftp.sco.com:/SSE:

     Binary             Patch
     ------             ------
     at(C)              sse001
     login(M)           sse002
     prwarn(C)          sse003
     sadc(ADM)          sse004
     pt_chmod           sse005

Continue to:

• prev: 2 - NEXT (Security Patches)
• Index
• next: 2 - Sun Microsystems, Inc. SunOS 4.x and Solaris 2.x (Security Patches)