From owner-freebsd-security Mon Mar 18 07:11:43 1996
Date: Mon, 18 Mar 1996 10:11:37 -0500
From: Chuck Bacon
Message-Id: <199603181511.KAA17986@helix.nih.gov>
To: security@freebsd.org
Subject: Is this applicable to FreeBSD (any version)?
Sender: owner-security@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

Normally I'm a lurker.  Sometimes I panic.  Here's something that
threatens to destroy human life as we know it...
(I don't really know anything about "unused portions of ptrace.")

Chuck Bacon - crtb@helix.nih.gov

---------- Forwarded message ----------
Date: Mon, 18 Mar 1996 09:41:26 -0500
From: CERT Bulletin
To: cert-advisory@cert.org
Subject: CERT Vendor-Initiated Bulletin VB-96.04 - BSDI

=============================================================================
CERT(sm) Vendor-Initiated Bulletin VB-96.04
March 18, 1996

Topic:  BSD/OS 2.0/2.0.1 kernel vulnerability
Source: Berkeley Software Design, Inc.

To aid in the wide distribution of essential security information, the
CERT Coordination Center is forwarding the following information from
Berkeley Software Design, Inc. (BSDI), who urges you to act on this
information as soon as possible. BSDI contact information is included in
the forwarded text below; please contact them if you have any questions
or need further information.

========================FORWARDED TEXT STARTS HERE============================

=============================================================================
Security Advisory
Berkeley Software Design, Inc.
Topic:  BSD/OS 2.0/2.0.1 kernel vulnerability
Number: 1996-03-05
Date:   March 5, 1996
Patch:  ftp://ftp.bsdi.com/bsdi/patches/patches-2.0.1/K201-008
=============================================================================

I.   Background

     A bug was found in an unused portion of the ptrace code in BSD/OS
     2.0 and 2.0.1 that caused a system vulnerability. The bug is not
     present in the current release, BSD/OS 2.1. BSDI is not aware of
     anyone who is actively exploiting this bug. All BSDI customers with
     current support contracts were mailed floppies containing the patch
     for this problem. Customers without current support contracts can
     and should download the patch from the ftp server.

II.  Problem Description

     Permission checking for an unused operation was incorrect.

III. Impact

     The problem could allow local users to control privileged
     processes, and could thus allow users to acquire unauthorized
     permissions. This vulnerability can only be exploited by users with
     a valid account on the local system.

IV.  Solution(s)

     Install BSDI patch K201-008 on all BSD/OS 2.0 or 2.0.1 systems, or
     upgrade to BSD/OS 2.1.

=============================================================================
Berkeley Software Design, Inc.
5579 Tech Center Drive, Suite 110
Colorado Springs, CO 80919

Web Site:      http://www.bsdi.com/
BSDI Support:  +1 800 ITS BSD8 / +1 719 536 9346
Support Email: support@bsdi.com
PGP Key:       ftp://ftp.bsdi.com/bsdi/info/pgp_key

=========================FORWARDED TEXT ENDS HERE=============================

CERT publications, information about FIRST representatives, and other
security-related information are available for anonymous FTP from
     ftp://info.cert.org/pub/

CERT advisories and bulletins are also posted on the USENET newsgroup
     comp.security.announce

To be added to our mailing list for CERT advisories and bulletins, send
your email address to
     cert-advisory-request@cert.org

If you believe that your system has been compromised, contact the CERT
Coordination Center or your representative in the Forum of Incident
Response and Security Teams (FIRST).

If you wish to send sensitive incident or vulnerability information to
CERT staff by electronic mail, we strongly advise you to encrypt your
message. We can support a shared DES key or PGP. Contact the CERT staff
for more information.

Location of CERT PGP key
     ftp://info.cert.org/pub/CERT_PGP.key

CERT Contact Information
------------------------
Email    cert@cert.org

Phone    +1 412-268-7090 (24-hour hotline)
         CERT personnel answer 8:30-5:00 p.m. EST (GMT-5)/EDT(GMT-4),
         and are on call for emergencies during other hours.

Fax      +1 412-268-6989

Postal address
         CERT Coordination Center
         Software Engineering Institute
         Carnegie Mellon University
         Pittsburgh PA 15213-3890
         USA

CERT is a service mark of Carnegie Mellon University.

From owner-freebsd-security Thu Mar 21 22:04:48 1996
Date: Fri, 22 Mar 1996 15:03:35 +0900 (KST)
From: "sang young Kim [Network Admin]"
Message-Id: <199603220603.PAA06969@xfer.ik.co.kr>
To: freebsd-security@FreeBSD.org
Sender: owner-security@FreeBSD.org
X-Loop: FreeBSD.org
Precedence: bulk

unsubscribe

From owner-freebsd-security Fri Mar 22 04:55:08 1996
Date: Thu, 21 Mar 1996 10:39:33 -0800 (PST)
From: "Mark E. Nottage"
To: Firewalls-digest@GreatCircle.COM
Subject: Proxy/Firewall Apps for FreeBSD?
Message-Id:
Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-security@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

How viable and potentially effective would it be to set up a firewall on
a PC-clone running FreeBSD 2.1 ( will supposedly also run some SCO
binaries with the iBCS2 libs ) ?

Parameters:

We have existing IPX networks in 3 remote offices of an organization.
The proposal includes providing Internet connections for the "main
office" and all remote offices ( to facilitate offices sharing data,
_at least_ via email ). All offices already have a Netware based email
product capable of sending encrypted email between offices ( now via
asynch connections, but also capable of acting as SMTP gateways ). The
primary constraint is that data from the internal networks is highly
sensitive, and _must not_ be compromised.

Other questions:

1) I know that FreeBSD v2.1 has IPFirewall code in the kernel; how
   effective is that code? Also, is there proxy software that shakes
   hands well with this IPFirewall code?

2) What Proxy and/or Firewall software, either commercial or freely
   distributed, will run on FreeBSD?

3) What questions haven't I asked that I need to ask?

TIA

+________________________________________________________________________+
| Mark E. Nottage              | "Would you give a foot massage to a     |
| Equipment/Network Technician |  man?!?"                                |
| email: markn@nidc.edu        |                     - Vincent Vega      |
+------------------------------------------------------------------------+