J-Security Center

Latest Attack Object Updates
  • IDP Daily Update #1537
    posted: 11/06/09
  • NSM Daily Update #1537
    posted: 11/06/09
  • Deep Inspection 5.3r5 and above, 5.4, 6.0 #1537
    posted: 11/06/09
  • Deep Inspection 5.1 and 5.2 #1435
    posted: 11/06/09
  • Deep Inspection 5.0, 5.3r4 and below #1132
    posted: 03/28/08 (04/01/08 for 5.0)
  • Antivirus
    posted: 11/05/09

Title: SCO Multi-channel Memorandum Distribution Facility Multiple Vulnerabilities

Severity: CRITICAL

Description:

SCO Multi-channel Memorandum Distribution Facility (MMDF) is a mail transport agent (MTA) made up of a number of utilities for UNIX and UNIX like operating systems.

It has been reported that the SCO Multi-channel Memorandum Distribution Facility (MMDF) is affected by multiple vulnerabilities. These issues are due to a failure of the utility to properly validate buffer boundaries when copying user-supplied input.

These issues are known to be exploitable locally, however due to the nature of the application it is likely that remote exploitation is possible as well, although this is not confirmed.

The first group of issues are buffer overflow issues. These issues may be exploited by an attacker to gain superuser access to the affected computer.

The second group of issues present themselves when malformed input is processed by the affected application. Apparently, on certain input, the application will attempt to dereference a NULL pointer, causing the affected utility to crash, denying service to legitimate users.

The final group of issues are related to core dumps. It is currently not known if these issues are memory disclosure issues, although it is likely that they are. These issues may be leveraged by an attacker to gain access to private emails and potentially other information.

Details currently available are not sufficient to provide a more in depth technical discussion; this BID will be updated as more information is released.

An attacker might leverage these issues to execute arbitrary code in the context of the vulnerable utility; many of the affected utilities are setuid binaries by default. These issues might also be leveraged to cause the affected utility to crash, denying service to legitimate users.

Affected Products:

  • SCO MMDF
  • SCO Open Server 5.0.0
  • SCO Open Server 5.0.1
  • SCO Open Server 5.0.2
  • SCO Open Server 5.0.3
  • SCO Open Server 5.0.4
  • SCO Open Server 5.0.5
  • SCO Open Server 5.0.6
  • SCO Open Server 5.0.6 a
  • SCO Open Server 5.0.7
  • SCO Open Server Enterprise System 3.0.0
  • SCO Open Server Network System 3.0.0
  • SCO Open UNIX 8.0.0
  • SCO OpenLinux Server 3.1.1
  • SCO OpenLinux Workstation 3.1.1
  • SCO UNIX System V/386 Release 3.2 2.0.0
  • SCO UNIX System V/386 Release 3.2 4.0.0
  • SCO UNIX System V/386 Release 3.2 4.0.0 MSv4.1
  • SCO UNIX System V/386 Release 3.2 4.0.0 MSv4.2
  • SCO UNIX System V/386 Release 3.2 4.1.0
  • SCO UNIX System V/386 Release 3.2 4.2.0

References:

Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.