The SCO Group (SCO UnixWare) Information for VU#336083

Uudecode performs inadequate checks on user-specified output files

Status

Affected

Vendor Statement

All of our operating system offerings (Caldera Open UNIX, Caldera OpenLinux, SCO OpenServer) supply uudecode, and all of them have this vulnerability.

We are working on fixes for all our operating systems.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References

None

Addendum

The SCO Group has published SCO Security Advisory CSSA-2002-SCO.44 to address this issue. For more information, please see