TITLE: SCO OpenServer update for Multiple Packages SECUNIA ADVISORY ID: SA17645 VERIFY ADVISORY: http://secunia.com/advisories/17645/ CRITICAL: Extremely critical IMPACT: Security Bypass, Cross Site Scripting, Spoofing, Manipulation of data, Exposure of system information, Exposure of sensitive information, DoS, System access WHERE: >From remote OPERATING SYSTEM: SCO OpenServer 5.x http://secunia.com/product/137/ DESCRIPTION: SCO has issued a maintenance pack for OpenServer. This fixes various vulnerabilities in Mozilla, zip, libpng, zlib, libtiff, bzip2, openssh, php, perl, gzip, CUPS, wu-ftpd, cdrecord and squid, which can be exploited by malicious people to cause a DoS (Denial of Service), spoof the content of websites, gain knowledge of potentially sensitive information, conduct cross-site scripting attacks, bypass certain security restrictions, manipulate certain data, or compromise a user's system, and by malicious, local users to gain escalated privileges. For more information: SA12232 SA11978 SA12204 SA10856 SA14684 SA14821 SA14992 SA15292 SA16917 SA16846 SA13094 SA12219 SA11129 SA12818 SA13728 SA13607 SA15447 SA12450 SA12064 SA13481 SA14792 SA13643 SA12991 SA14120 SA14015 SA15320 SA11129 SA15949 SA16137 SA15047 SA12556 SA14411 SA12481 SA16708 SA16674 SA16992 SA17271 SOLUTION: Install Maintenance Pack 4 for SCO OpenServer 5.0.7. 4c87d840ff5b43221258547d19030228 ftp://ftp.sco.com/pub/openserver5/507/mp/osr507mp4/osr507mp4_vol.tar ORIGINAL ADVISORY: ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt ftp://ftp.sco.com/pub/openserver5/507/mp/osr507mp4/osr507mp4.htm OTHER REFERENCES: SA12232: http://secunia.com/advisories/12232/ SA11978: http://secunia.com/advisories/11978/ SA12204: http://secunia.com/advisories/12204/ SA10856: http://secunia.com/advisories/10856/ SA14684: http://secunia.com/advisories/14684/ SA14821: http://secunia.com/advisories/14821/ SA14992: http://secunia.com/advisories/14992/ SA15292: http://secunia.com/advisories/15292/ SA16917: http://secunia.com/advisories/16917/ SA16846: http://secunia.com/advisories/16846/ SA13094: http://secunia.com/advisories/13094/ SA12219: http://secunia.com/advisories/12219/ SA11129: http://secunia.com/advisories/11129/ SA12818: http://secunia.com/advisories/12818/ SA13728: http://secunia.com/advisories/13728/ SA13607: http://secunia.com/advisories/13607/ SA15447: http://secunia.com/advisories/15447/ SA12450: http://secunia.com/advisories/12450/ SA12064: http://secunia.com/advisories/12064/ SA13481: http://secunia.com/advisories/13481/ SA14792: http://secunia.com/advisories/14792/ SA13643: http://secunia.com/advisories/13643/ SA12991: http://secunia.com/advisories/12991/ SA14120: http://secunia.com/advisories/14120/ SA14015: http://secunia.com/advisories/14015/ SA15320: http://secunia.com/advisories/15320/ SA11129: http://secunia.com/advisories/11129/ SA15949: http://secunia.com/advisories/15949/ SA16137: http://secunia.com/advisories/16137/ SA15047: http://secunia.com/advisories/15047/ SA12556: http://secunia.com/advisories/12556/ SA14411: http://secunia.com/advisories/14411/ SA12481: http://secunia.com/advisories/12481/ SA16708: http://secunia.com/advisories/16708/ SA16674: http://secunia.com/advisories/16674/ SA16992: http://secunia.com/advisories/16992/ SA17271: http://secunia.com/advisories/17271/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------