===========================================================================
SCO Security Bulletin 98.06
October 6, 1998
Security Vulnerability in imapd
---------------------------------------------------------------------------

I.   Description

A security vulnerability which was previously addressed for SCO UnixWare 7
has been discovered to apply also to SCO OpenServer Release 5.0.5.  (Note
that previous releases of OpenServer are not affected).  The vulnerability
is described in CERT advisory CA-98.09.

II.  Impact
        
The vulnerability could allow remote attackers to gain root access.

Exploit details for the vulnerability have been published, so we recommend
that the patch described below be installed on all Internet-connected
systems as soon as possible.

III. Releases

This problem exists on the following releases of SCO operating systems:

     - SCO OpenServer Release 5.0.5 only
     - SCO UnixWare 7
	
Other SCO products are not affected (imapd is not included in previous
releases of OpenServer).

IV.  Solution

SCO is providing an interim patch to address this issue in the form of a
System Security Enhancement (SSE) package.

SSE014b contains replacement imapd binaries for each system type.  Note
that the UnixWare 7 binary was previously included in SSE014 - if you
have already installed SSE014 on UnixWare 7, it is not necessary to
install SSE014b.

SSE014b is available for Internet download via anonymous ftp, and from
the SCOFORUM on Compuserve.

You can download the SSE package as follows:

Anonymous ftp (World Wide Web URL):

    ftp://ftp.sco.COM/SSE/sse014b.ltr    (cover letter, ASCII text)
    ftp://ftp.sco.COM/SSE/sse014b.tar.Z  (new binaries, compressed tar file)

Compuserve:

    GO SCOFORUM, and search Library 11 (SLS/SSE Files) for these filenames:

	SSE014B.LTR	(cover letter, ASCII text)
	SSE014B.TAZ	(new binaries, compressed tar file)

Checksums (sum -r):

    38104     5 sse014b.ltr
    31525   658 sse014b.tar.Z

V.   Updates

This bulletin is available for anonymous ftp download from 
ftp://ftp.sco.COM/SSE/security_bulletins/SB-98.06a, and will be
updated as new information becomes available.

The latest information on security vulnerabilities and fixes from
SCO is available on the world-wide web at http://www.sco.com/security/

VI.  Further Information:

If you have further questions, contact your support provider.  If you
need to contact SCO, please send electronic mail to support@sco.COM, or
contact SCO as follows. 

    USA/Canada: 6am-5pm Pacific Time (PST/PDT)
    -----------
    1-800-347-4381  (voice)
    1-408-427-5443  (fax)

    Pacific Rim, Asia, and Latin American customers: 6am-5pm Pacific
    ------------------------------------------------ Time (PST/PDT)
    1-408-425-4726  (voice)
    1-408-427-5443  (fax)

    Europe, Middle East, Africa: 9am-5:30pm UK Time (GMT/BST)
    ----------------------------
    +44 (0)1923 816344 (voice)
    +44 (0)1923 817781 (fax)