26th Sep 2002 [SBWID-4772]
COMMAND
dtprintinfo buffer overflow in various Unix systems
SYSTEMS AFFECTED
SCO UnixWare 7
OpenUnix 8.0.0
-Also-
Compaq Tru64 UNIX V4.0F
Compaq Tru64 UNIX V5.0
Compaq Tru64 UNIX V5.1
Compaq Tru64 UNIX V5.1A
PROBLEM
In Caldera Security bulletin CSSA-2001-SCO.22 (http://www.caldera.com):
Very long environment variables will cause the dtprintinfo command to
overflow a buffer. This could be used by an unauthorized user to gain
privilege.
Update (18 April 2002)
======
In Noboru Yoshinaga's SNS Advisory No.50:
The /usr/dt/bin/dtprintinfo included with Compaq Tru64 UNIX is a
program for opening the CDE Print Manager window. This program is
installed as SUID root. In dtprintinfo it is possible to restore a
client to the original desktop state by loading the session file using
the "-session" option. A buffer overflow will occur in dtprintinfo when
an unusually long string of characters is used in session filenames.
This will result in the possibility for the local attacker to execute
arbitrary code as root.
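Both reports describe the same bug class: a SUID root program copying a caller-supplied string (an environment variable, or the "-session" file name) into a fixed-size buffer without a length check. The following is an added example of the bounded handling that prevents it, not code from dtprintinfo or from either advisory; the buffer size SESSION_MAX and the function names are assumptions made for illustration.

```c
#include <stdlib.h>
#include <string.h>

#define SESSION_MAX 256 /* assumed size; the real buffer size is not on the page */

/* Copy an attacker-controllable string (argv or environment) into a fixed
 * buffer. Returns 0 on success, -1 if it does not fit. Replaces the unsafe
 * pattern strcpy(dst, src), which writes past dst when src is too long. */
int copy_bounded(char *dst, size_t dstsz, const char *src)
{
    size_t n;
    if (dst == NULL || dstsz == 0) return -1;
    dst[0] = '\0';                 /* dst is always a valid string */
    if (src == NULL) return -1;
    n = strlen(src);
    if (n >= dstsz) return -1;     /* reject; do not truncate silently */
    memcpy(dst, src, n + 1);       /* n + 1 copies the terminating NUL */
    return 0;
}

/* Returns 1 if "-session <file>" was found and copied, 0 if the option is
 * absent, -1 if the value is missing or too long. */
int parse_session(int argc, char **argv, char *out, size_t outsz)
{
    int i;
    for (i = 1; i < argc; i++) {
        if (strcmp(argv[i], "-session") != 0) continue;
        if (i + 1 >= argc) return -1;
        return copy_bounded(out, outsz, argv[i + 1]) == 0 ? 1 : -1;
    }
    return 0;
}

/* Same check for an environment variable: 1 copied, 0 unset, -1 rejected. */
int load_env(const char *name, char *out, size_t outsz)
{
    const char *v = getenv(name);
    if (v == NULL) return 0;
    return copy_bounded(out, outsz, v) == 0 ? 1 : -1;
}

int main(int argc, char **argv)
{
    char session[SESSION_MAX];
    if (parse_session(argc, argv, session, sizeof session) < 0)
        return 1;                  /* refuse oversized or missing value */
    return 0;
}
```

Rejecting the oversized value, rather than truncating it, keeps a privileged program from opening a different file than the one the caller named.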
SOLUTION
Get the patch from:
ftp://stage.caldera.com/pub/security/openunix/CSSA-2001-SCO.22/
md5 checksums: e726067eba0107ac5efd8c1fdb141b0d dtprintinfo.Z
Compaq:
http://ftp.support.compaq.com/patches/.new/html/SSRT-541.shtml