Hewlett-Packard Company Information for VU#336083

Uudecode performs inadequate checks on user-specified output files

Status

Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References

None

Addendum

HP Secure OS Software for Linux

HP has published a Security Bulletin to address this issue; for further information, please visit http://itrc.hp.com and search for "HPSBTL0205-040". Please note that registration may be required to access this document.

HP Tru64 Unix

HP has published Security Bulletin SSRT2301 to address this issue. The CERT/CC has provided a cached copy of this advisory below:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

SECURITY BULLETIN: SSRT2301 - HP Tru64 UNIX uudecode
                                         Potential Security
Vulnerability

REVISION: 0

NOTICE: There are no restrictions for distribution
                of this Bulletin provided that it remains complete
                and intact.

RELEASE DATE: 25 November 2002

SEVERITY:  MEDIUM

SOURCE:  Hewlett-Packard Company
                  Software Security Response Team

REFERENCE:  CERT VU#336083, CAN-2002-0178

PROBLEM SUMMARY

  This bulletin will be posted to the support website
 within 24 hours of release to -
 http://thenew.hp.com/country/us/eng/support.html
 Use the SEARCH IN feature box, enter SSRT2301 in the
 search window.

SSRT2301 uudecode  (Severity - Medium)

  A potential security vulnerability has been discovered
 in the HP Tru64 UNIX operating system, where under certain
 circumstances, system integrity may be compromised through
 improper file access (overwriting files). This potential
 vulnerability may be in the form a local security domain
 risk.


VERSIONS IMPACTED:

       HP Tru64 UNIX

       HP Tru64 UNIX V5.1A

       HP Tru64 UNIX V5.1

       HP Tru64 UNIX V5.0A

       HP Tru64 UNIX V4.0G

       HP Tru64 UNIX V4.0F


RESOLUTION

  Early Release Patches (ERPs) are now available for all
 supported versions of HP Tru64 UNIX.  The ERP kits use
 dupatch to install and will not  install over any
 Customer Specific Patches (CSPs) which have file
 intersections with the ERPs. Contact your normal support
 channel and request HP Tru64 services elevate a case to
 Support Engineering if a CSP must be merged with one of
 the ERPs.  Please review the README file for each patch
 prior to installation.


HP Tru64 UNIX 5.1A:
Prerequisite: V5.1A with PK3 (BL3) installed
ERP Kit Name:   T64V51AB3-C0055902-16064-ES-20021114 .tar
Kit Location:  ftp://ftp1.support.compaq.com/public/unix/v5.1a/

HP Tru64 UNIX 5.1:
Prerequisite: V5.1 with PK5 (BL19) installed
ERP Kit Name: T64V51B19-C0142502-16065-ES-20021114 .tar
Kit Location:   ftp://ftp1.support.compaq.com/public/unix/v5.1/

HP Tru64 UNIX 5.0A:
Prerequisite: V5.0A with PK3 (BL17) installed
ERP Kit Name: T64V50AB17-C0023802-16066-ES-20021114 .tar
Kit Location:  ftp://ftp1.support.compaq.com/public/unix/v5.0a/

HP Tru64 UNIX 4.0G:
Prerequisite: V4.0G with PK3 (BL17) installed
ERP Kit Name:  T64V40GB17-C0020202-16068-ES-20021114 .tar
Kit Location:  ftp://ftp1.support.compaq.com/public/unix/v4.0g/

HP Tru64 UNIX 4.0F:
Prerequisite: V4.0F with PK7 (BL18) installed
ERP Kit Name: DUV40FB18-C0082402-16085-ES-20021115.tar
Kit Location:  ftp://ftp1.support.compaq.com/public/unix/v4.0f/

Information on how to verify MD5 and SHA1 checksums is
available at: http://www.support.compaq.com/patches/whats-new.shtml

  After completing the update, HP strongly recommends
 that you perform an immediate backup of  the system
 disk so that any subsequent restore operations begin
 with updated software. Otherwise, the updates must
 be re-applied after a future restore operation.
 Also, if at some future time the system is upgraded
 to a later patch release or version release,
 reinstall the appropriate ERP.


SUPPORT: For further information, contact HP Services

SUBSCRIBE: To subscribe to automatically receive future
Security Advisories from the Software Security Response
Team via electronic mail:
http://www.support.compaq.com/patches/mailing-list.shtml


REPORT:

  To report a potential security vulnerability with any HP
 supported product, send email to: security-alert@hp.com

  As always, HP urges you to periodically review your system
management
 and security procedures. HP will continue to review and enhance the
 security features of its products and work with our customers to
 maintain and improve the security and integrity of their systems.

  "HP is broadly distributing this Security Bulletin in order to
bring
 to the attention of users of the affected HP products the important
 security information contained in this Bulletin. HP recommends that
 all users determine the applicability of this information to their
 individual situations and take appropriate action. HP does not
 warrant that this information is necessarily accurate or complete
for
 all user situations and, consequently,  HP will not be responsible
 for any damages resulting from user's use or disregard of the
 information provided in this Bulletin."

(c)Copyright 2002 Hewlett-Packard Company.
 Hewlett-Packard Company shall not be liable for technical
 or editorial errors or omissions contained herein. The information
in
 this document is subject to change without notice. Hewlett-Packard
 Company and the names of Hewlett-Packard products referenced herein
 are trademarks of Hewlett-Packard Company in the United States and
 other countries. Other product and company names mentioned herein
may
 be trademarks of their respective owners.

-----BEGIN PGP SIGNATURE-----
Version: PGP 7.0.1

iQA/AwUBPeMNejnTu2ckvbFuEQJX+QCgrSMMr96xdnGtaGCR0zrvhF3MJCwAn2Pq
TOFFQ+B//Yec4gS0wt+wjsjs
=juy8
-----END PGP SIGNATURE-----

If you have feedback, comments, or additional information about this vulnerability, please send us email.