COMMAND

    netscape-4.5-9 (package)

SYSTEMS AFFECTED

    Unices using netscape communicator 4.5

PROBLEM

    The following is based on a SuSE Security Announcement. A security
    hole was discovered in the package mentioned above. Netscape
    Communicator 4.5 comes with "talkback", a quality enhancement tool
    by Fullcircle (www.fullcircle.com). If Communicator crashes for
    any reason, the file with the name

        /tmp/.$UID.talkback

    is read in, and the pid in this file is killed. After that, the
    file is truncated/created without checks for {sym|hard}links and
    the pid of the current talkback process is written into the file.
    Anyone on the system can kill a process of a user if that user's
    Communicator crashes. Anyone on the system can overwrite/create
    any file an attacked user has write access to. It was not checked
    whether a buffer overflow is possible when the talkback
    application reads in the file.
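
    The checks whose absence is described above, as an added example
    in C (not code from the SuSE announcement or from talkback; the
    function names and the default path in main are hypothetical). The
    pid is only trusted if the file is a regular, singly linked file
    owned by the caller, and the new file is created without following
    or reusing an existing entry.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* True only for a regular file, owned by us, with exactly one link. */
static int fd_is_ours(int fd) {
    struct stat st;
    if (fstat(fd, &st) != 0) return 0;
    return S_ISREG(st.st_mode) && st.st_uid == geteuid() && st.st_nlink == 1;
}

/* Read a pid from path; returns -1 unless the file is provably ours. */
long read_pid_checked(const char *path) {
    char buf[32] = {0};               /* bounded read, always NUL-terminated */
    int fd = open(path, O_RDONLY | O_NOFOLLOW | O_NONBLOCK);
    if (fd < 0) return -1;            /* a symlink fails here with ELOOP */
    ssize_t n = fd_is_ours(fd) ? read(fd, buf, sizeof buf - 1) : -1;
    close(fd);
    if (n <= 0) return -1;
    char *end;
    long pid = strtol(buf, &end, 10);
    return (end != buf && pid > 0) ? pid : -1;
}

/* Write our pid to path without following or truncating what is there. */
int write_pid_checked(const char *path) {
    char buf[32];
    /* unlink removes the directory entry itself, never a link target */
    if (unlink(path) != 0 && errno != ENOENT) return -1;
    int fd = open(path, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, 0600);
    if (fd < 0) return -1;            /* entry re-planted in between: fail closed */
    int len = snprintf(buf, sizeof buf, "%ld\n", (long)getpid());
    int ok = fd_is_ours(fd) && write(fd, buf, (size_t)len) == len;
    close(fd);
    return ok ? 0 : -1;
}

int main(int argc, char **argv) {
    /* constructed default path for illustration only */
    const char *path = argc > 1 ? argv[1] : "./talkback.pid.example";
    printf("previous pid accepted: %ld\n", read_pid_checked(path));
    return write_pid_checked(path) == 0 ? 0 : 1;
}
```

    Keeping such a file in a directory only the owning user can write
    to, rather than in /tmp, removes the planting opportunity entirely.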

SOLUTION

    Please update as  soon as possible  or disable the  service if you
    are using this software on your SuSE Linux installation(s).  Other
    Linux  distributions  or  operating  systems  might be affected as
    well, please contact your vendor for information about this issue.
    Disable talkback. You may do this by executing the following
    (SuSE) commands (your path to netscape may differ):

        /bin/mv /opt/netscape/talkback /opt/netscape/talkback.disable
        /bin/chmod -R 600 /opt/netscape/talkback.disable

    Netscape responded to this vulnerability that the current  version
    does not install  the talkback application.   You may install  the
    new  version  4.51  from  Netscape  which  also  fixes  some other
    security  vulnerabilities.   However,  if  you  update  from a 4.5
    installation, ensure that you execute the lines above.