===========================================================================
SCO Security Bulletin 98-03
April 08, 1998
Security Vulnerability in named
---------------------------------------------------------------------------

I.   Description

Two security vulnerabilities have been reported in BIND (Berkeley Internet
Name Daemon, or "named") versions 4.9.6 and previous, as described in CERT
advisory CA-98.05.

II.  Impact
        
One of the vulnerabilities could allow remote attackers to gain root
access to your name server.  The other is a denial of service attack
against DNS.

We have been informed that exploit details are likely to be publicly
available, so we recommend that BIND version 4.9.7 is installed on
any Internet-connected SCO systems providing name service as soon as
possible.

III. Releases

This problem exists on the following releases of SCO operating systems:

     - SCO Open Desktop/Open Server 3.0 (all)
     - SCO OpenServer 5.0 (all)
     - SCO UnixWare 2.1 (all)
     - SCO UnixWare 7

Patches for SCO Open Desktop/Open Server 3.0 are also applicable to SCO
UNIX 3.2v4 with SCO TCP/IP 1.2.

Patches for SCO OpenServer 5.0 are also applicable to SCO Internet
FastStart.

The following releases are not vulnerable, and no patch is necessary:

     - SCO CMW+ 3.0 (all)

IV.  Solution

SCO is providing interim patches to address this issue in the form
of a System Security Enhancement (SSE) package.  The SSE package
includes patches for all operating systems listed above as vulnerable.

SSE012 contains BIND version 4.9.7 binaries, and is available for
Internet download via anonymous ftp, and from the SCOFORUM on Compuserve.
You can download the SSE package as follows:

Anonymous ftp (World Wide Web URL):

    ftp://ftp.sco.COM/SSE/sse012.ltr    (cover letter, ASCII text)
    ftp://ftp.sco.COM/SSE/sse012.tar.Z  (new binaries, compressed tar file)

Compuserve:

    GO SCOFORUM, and search Library 11 (SLS/SSE Files) for these filenames:

	SSE012.LTR	(cover letter, ASCII text)
	SSE012.TAZ	(new binaries, compressed tar file)

Checksums (sum -r):

    47647     6 sse012.ltr
    19726  3365 sse012.tar.Z

V.   Updates

This bulletin is available for anonymous ftp download from 
ftp://ftp.sco.COM/SSE/security_bulletins/SB-98.03a, and will be
updated as new information becomes available.

The latest information on security vulnerabilities and fixes from
SCO is available on the world-wide web at http://www.sco.com/security/

VI.  Further Information:

If you have further questions, contact your support provider.  If you
need to contact SCO, please send electronic mail to support@sco.COM, or
contact SCO as follows. 

    USA/Canada: 6am-5pm Pacific Time (PST/PDT)
    -----------
    1-800-347-4381  (voice)
    1-408-427-5443  (fax)

    Pacific Rim, Asia, and Latin American customers: 6am-5pm Pacific
    ------------------------------------------------ Time (PST/PDT)
    1-408-425-4726  (voice)
    1-408-427-5443  (fax)

    Europe, Middle East, Africa: 9am-5:30pm UK Time (GMT/BST)
    ----------------------------
    +44 (0)1923 816344 (voice)
    +44 (0)1923 817781 (fax)