SECURITY BUG IN INTERACTIVE UNIX SYSV386

Marty Stewart martys at mchale.ism.isc.com
Thu Feb 14 11:41:22 AEST 1991


The recent reports of a security hole in AT&T UNIX System V/386
Release 3.2, and in the INTERACTIVE UNIX Operating System which
is based upon it, are accurate.  Users with a math coprocessor
and INTERACTIVE Version 2.2  or later of the INTERACTIVE UNIX
Operating System should read the INTERACTIVE UNIX System Release
Notes, page 10, first bullet item for the workaround.

For all other users, INTERACTIVE Systems Corp. will provide a
comprehensive fix to the problem.  It will be provided as an
update (bug-fix) diskette to users of 386/ix Version 2.0.2,
INTERACTIVE UNIX Version 2.2.1, and the C2 Security Extension.
For Version 2.2 users without a math coprocessor, call into
Warranty support, (213) 453-8649 and ask for the free upgrade
to Version 2.2.1 as well as the 2.2.1 security-hole bug-fix
diskette.  As with all INTERACTIVE bug-fix diskettes, it will be
available free of charge through the Support department.

The anticipated availability date of the bug-fix is February 22nd.

Marty C. Stewart
Support Team Leader
Interactive Systems Corp.



More information about the Comp.unix.sysv386 mailing list