Topic: security issues in ports
Announced: 2002-06-19
I. Introduction
Several ports in the FreeBSD Ports Collection are affected by security issues. These are listed below with references and affected versions. All versions given refer to the FreeBSD port/package version numbers. The listed vulnerabilities are not specific to FreeBSD unless otherwise noted.
These ports are not installed by default, nor are they ``part of FreeBSD'' as such. The FreeBSD Ports Collection contains thousands of third-party applications in a ready-to-install format. FreeBSD makes
no claim about the security of these third-party applications. See
URL:http://www.freebsd.org/ports/ for more information about the
FreeBSD Ports Collection.
II. Ports
+------------------------------------------------------------------------+
Port name: apache13, apache13-modssl, apache13-ssl,
apache13+ipv6, apache13-fp, apache2
Affected: versions apache-2.0.39 (apache2)
versions apache-1.3.26 (apache13)
versions apache+mod_ssl-1.3.26+2.8.9 (apache13-modssl)
All versions (others)
Status: Fixed (apache2, apache13, apache13-modssl)
Not fixed (others)
Denial-of-service involving chunked encoding.
URL:http://httpd.apache.org/info/securi...in_20020617.txt
URL:http://bvlive01.iss.net/issEn/deliv...l.jsp?oid=20502
URL:http://cve.mitre.org/cgi-bin/cvenam...e=CAN-2002-0392
+------------------------------------------------------------------------+
Port name: bind9
Affected: versions bind9-9.2.1
Status: Fixed
Denial-of-service vulnerability in named.
URL:http://www.cert.org/advisories/CA-2002-15.html
+------------------------------------------------------------------------+
Port name: courier-imap
Affected: versions courier-imap-1.4.3_1
Status: Fixed
Remote denial-of-service attack (CPU utilization).
URL:http://www.security.nnov.ru/advisories/courier.asp
+------------------------------------------------------------------------+
Port name: ethereal
Affected: versions ethereal-0.9.4
Status: Fixed
Buffer overflows in SMB, X11, DNS, and GIOP dissectors.
URL:http://www.ethereal.com/appnotes/enpa-sa-00004.html
+------------------------------------------------------------------------+
Port name: fakebo
Affected: versions fakebo-0.4.1_1
Status: Fixed
Format string vulnerability.
URL:http://cvsweb.freebsd.org/ports/sec.../files/patch-aa
URL:http://cvsweb.freebsd.org/ports/sec.../files/patch-ab
+------------------------------------------------------------------------+
Port name: fragroute
Affected: versions fragroute-1.2_1
Status: Fixed
The distribution file with MD5 checksum
65edbfc51f8070517f14ceeb8f721075 was trojaned.
URL:http://online.securityfocus.com/archive/1/274892
+------------------------------------------------------------------------+
Port name: ghostscript-gnu
Affected: versions ghostscript-6.53
Status: Fixed
A PostScript file can cause arbitrary commands to be executed as
the user running ghostscript.
URL:http://cve.mitre.org/cgi-bin/cvenam...e=CAN-2002-0363
+------------------------------------------------------------------------+
Port name: icmpmonitor
Affected: versions icmpmonitor-1.11_1
Status: Fixed
Format string vulnerability (syslog).
URL:http://cvsweb.freebsd.org/ports/net.../files/patch-aa
+------------------------------------------------------------------------+
Port name: imap-uw
Affected: All versions
Status: Not fixed
Locally exploitable stack buffer overflow when compiled with
WITH_RFC1730 (which is not the default).
URL:http://online.securityfocus.com/archive/1/271958
URL:http://online.securityfocus.com/archive/1/272030
+------------------------------------------------------------------------+
Port name: mnews
Affected: All versions
Status: Not fixed
Remotely exploitable buffer overflows.
URL:http://online.securityfocus.com/archive/1/275012
URL:http://online.securityfocus.com/archive/1/275125
+------------------------------------------------------------------------+
Port name: nn
Affected: versions nn-6.6.2_1
Status: Fixed
Remotely exploitable format string vulnerability.
Reproduce using netcat:
perl -e 'printf("100 %s
", "%x" x 800);' | nc -l -p 119
env NNTPSERVER="localhost" nn
+------------------------------------------------------------------------+
Port name: sharity-light
Affected: versions sharity-light-1.2_1
Status: Fixed
Stack buffer overflow when copying the username and password from the
environment (variables USER, LOGNAME, and PASSWD). Reported by
Niels Heinen niels.heinen@ubizen.com.
+------------------------------------------------------------------------+
Port name: slurp
Affected: versions slurp-1.10_1
Status: Fixed
Remotely exploitable format string vulnerability.
URL:http://online.securityfocus.com/archive/1/275397
+------------------------------------------------------------------------+
Port name: xchat
Affected: versions xchat-1.8.9
Status: Fixed
An IRC server may execute arbitrary commands with the privileges
of the user running xchat.
URL:http://online.securityfocus.com/bid/4376
+------------------------------------------------------------------------+
III. Upgrading Ports/Packages
To upgrade a fixed port/package, perform one of the following:
1) Upgrade your Ports Collection and rebuild and reinstall the port. Several tools are available in the Ports Collection to make this easier. See:
/usr/ports/devel/portcheckout
/usr/ports/misc/porteasy
/usr/ports/sysutils/portupgrade
2) Deinstall the old package and install a new package obtained from
[i386]
ftp://ftp.FreeBSD.org/pub/FreeBSD/p...s-4-stable/All/
Packages are not automatically generated for other architectures at this time.
+------------------------------------------------------------------------+
FreeBSD Security Notices are communications from the Security Officer
intended to inform the user community about potential security issues, such as bugs in the third-party applications found in the Ports Collection, which will not be addressed in a FreeBSD Security Advisory.
Feedback on Security Notices is welcome at security-officer@FreeBSD.org.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (FreeBSD)
iQCVAwUBPRD6MlUuHi5z0oilAQFmSwP9Hs95CGjDL8PF95Z9bA
xana0X9JTUYvaN
qxPWiovTzED5Ityt46TySpoOcwdQkzO0ugu3/Q7zCppEDdIjXBUxARv8qvnLG7Oz
f5SPItOW// 5P7hmq6c9XGQrfq4XLYnv61JbgK9Cm0tGU8iVhOwm+ztpZS2FG
5x+3
F4W/AphEyi8=
=W9sm
-----END PGP SIGNATURE-----
This is the moderated mailing list freebsd-announce. The list contains announcements of new FreeBSD capabilities, important events and project milestones. See also the FreeBSD Web pages at http://www.freebsd.org
- A hozzászóláshoz be kell jelentkezni
- 1083 megtekintés