Caldera (SCO) UnixWare ptrace privilege elevation

unixware-ptrace-privilege-elevation (24856) The risk level is classified as HighHigh Risk

Description:

Caldara (SCO) UnixWare could allow a local attacker to gain elevated privileges caused by an undisclosed vulnerability in the ptrace() function.


Consequences:

Gain Privileges

Remedy:

Refer to SCO Security Advisory SCOSA-2006.9 for patch or upgrade information. See References.

References:

  • iDEFENSE Security Advisory 02.24.06: SCO Unixware Setuid ptrace Local Privilege Escalation Vulnerability.
  • SCO Security Advisory SCOSA-2006.9: UnixWare 7.1.3 UnixWare 7.1.4 : Setuid ptrace Local Privilege Escalation Vulnerability.
  • ASA-2006-077: UnixWare Setuid ptrace Local Privilege Escalation Vulnerability (SCOSA-2006-9)
  • BID-16765: SCO UnixWare Ptrace Local Privilege Escalation Vulnerability
  • CVE-2005-2934: Unspecified vulnerability in ptrace in SCO UnixWare 7.1.3 and 7.1.4 allows local users to gain privileges via unspecified vectors.
  • SA18958: UnixWare ptrace Privilege Escalation Vulnerability
  • SECTRACK ID: 1015676: SCO UnixWare ptrace Lets Local Users Inject Code into setuid Processes to Obtain Elevated Privileges

Platforms Affected:

  • SCO Caldera UnixWare 7.1.3
  • SCO Caldera UnixWare 7.1.4

Reported:

Feb 21, 2006

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email xforce@iss.net

Return to the main page