From owner-freebsd-security@FreeBSD.ORG Sat Jan 3 22:01:02 2009 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 485E0106566C for ; Sat, 3 Jan 2009 22:01:02 +0000 (UTC) (envelope-from ohartman@mail.zedat.fu-berlin.de) Received: from outpost1.zedat.fu-berlin.de (outpost1.zedat.fu-berlin.de [130.133.4.66]) by mx1.freebsd.org (Postfix) with ESMTP id 0401E8FC1B for ; Sat, 3 Jan 2009 22:01:01 +0000 (UTC) (envelope-from ohartman@mail.zedat.fu-berlin.de) Received: from inpost2.zedat.fu-berlin.de ([130.133.4.69]) by outpost1.zedat.fu-berlin.de (Exim 4.69) for freebsd-security@freebsd.org with esmtp (envelope-from ) id <1LJEJG-0008BQ-BD>; Sat, 03 Jan 2009 22:45:30 +0100 Received: from e178059216.adsl.alicedsl.de ([85.178.59.216] helo=thor.walstatt.dyndns.org) by inpost2.zedat.fu-berlin.de (Exim 4.69) for freebsd-security@freebsd.org with esmtpsa (envelope-from ) id <1LJEJG-0005BZ-40>; Sat, 03 Jan 2009 22:45:30 +0100 Message-ID: <495FDC97.4090301@mail.zedat.fu-berlin.de> Date: Sat, 03 Jan 2009 22:45:59 +0100 From: "O. Hartmann" User-Agent: Thunderbird 2.0.0.19 (X11/20090103) MIME-Version: 1.0 To: freebsd-security@freebsd.org X-Enigmail-Version: 0.95.7 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-Originating-IP: 85.178.59.216 X-Mailman-Approved-At: Sun, 04 Jan 2009 00:16:10 +0000 Subject: MD5 vs. SHA1 hashed passwords in /etc/master.passwd: can we configure SHA1 in /etc/login.conf? X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 03 Jan 2009 22:01:02 -0000 MD5 seems to be compromised by potential collision attacks. So I tried to figure out how I can use another hash for security purposes when hashing passwords for local users on a FreeBSD 7/8 box, like root or local box administration. Looking at man login.conf reveals only three possible hash algorithms selectable: md5 (recommended), des and blf. Changing /etc/login.conf's tag default:\ :passwd_format=sha1:\ followed by a obligatory "cap_mkdb" seems to do something - changing root's password results in different hashes when selecting different hash algorithms like des, md5, sha1, blf or even sha256. Well, I never digged deep enough into the source code to reveal the magic and truth, so I will ask here for some help. Is it possible to change the md5-algorithm by default towards sha1 as recommended after the md5-collisions has been published? Thanks in advance, Oliver From owner-freebsd-security@FreeBSD.ORG Sun Jan 4 04:11:43 2009 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 2B9BE106566B for ; Sun, 4 Jan 2009 04:11:43 +0000 (UTC) (envelope-from mike@sentex.net) Received: from smarthost1.sentex.ca (smarthost1.sentex.ca [64.7.153.18]) by mx1.freebsd.org (Postfix) with ESMTP id E7B6B8FC16 for ; Sun, 4 Jan 2009 04:11:42 +0000 (UTC) (envelope-from mike@sentex.net) Received: from lava.sentex.ca (pyroxene.sentex.ca [199.212.134.18]) by smarthost1.sentex.ca (8.14.3/8.14.3) with ESMTP id n043kSmb058011; Sat, 3 Jan 2009 22:46:28 -0500 (EST) (envelope-from mike@sentex.net) Received: from mdt-xp.sentex.net (simeon.sentex.ca [192.168.43.27]) by lava.sentex.ca (8.13.8/8.13.3) with ESMTP id n043kRCJ000646 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Sat, 3 Jan 2009 22:46:27 -0500 (EST) (envelope-from mike@sentex.net) Message-Id: <200901040346.n043kRCJ000646@lava.sentex.ca> X-Mailer: QUALCOMM Windows Eudora Version 7.1.0.9 Date: Sat, 03 Jan 2009 22:46:25 -0500 To: "O. Hartmann" , freebsd-security@freebsd.org From: Mike Tancsa In-Reply-To: <495FDC97.4090301@mail.zedat.fu-berlin.de> References: <495FDC97.4090301@mail.zedat.fu-berlin.de> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed X-Scanned-By: MIMEDefang 2.64 on 64.7.153.18 Cc: Subject: Re: MD5 vs. SHA1 hashed passwords in /etc/master.passwd: can we configure SHA1 in /etc/login.conf? X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 04 Jan 2009 04:11:43 -0000 At 04:45 PM 1/3/2009, O. Hartmann wrote: >followed by a obligatory "cap_mkdb" seems to do something - changing >root's password results in different hashes when selecting different >hash algorithms like des, md5, sha1, blf or even sha256. > >Well, I never digged deep enough into the source code to reveal the >magic and truth, so I will ask here for some help. Is it possible to >change the md5-algorithm by default towards sha1 as recommended after >the md5-collisions has been published? Are you sure sha1 is supported ? It looks like if you put in something not understood in the login.conf file, it defaults to what appears to be DES. ---Mike >Thanks in advance, >Oliver >_______________________________________________ >freebsd-security@freebsd.org mailing list >http://lists.freebsd.org/mailman/listinfo/freebsd-security >To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org" From owner-freebsd-security@FreeBSD.ORG Sun Jan 4 06:25:32 2009 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id E0C57106566B for ; Sun, 4 Jan 2009 06:25:32 +0000 (UTC) (envelope-from stas@FreeBSD.org) Received: from mx0.deglitch.com (backbone.deglitch.com [IPv6:2001:16d8:fffb:4::abba]) by mx1.freebsd.org (Postfix) with ESMTP id 936F58FC12 for ; Sun, 4 Jan 2009 06:25:32 +0000 (UTC) (envelope-from stas@FreeBSD.org) Received: from DSPAM-Daemon (localhost [127.0.0.1]) by mx0.deglitch.com (Postfix) with SMTP id AE2A68FC4F for ; Sun, 4 Jan 2009 09:25:30 +0300 (MSK) Received: from orion.SpringDaemons.com (drsun1.dialup.corbina.ru [85.21.245.235]) by mx0.deglitch.com (Postfix) with ESMTPA id DC5A08FC4E; Sun, 4 Jan 2009 09:25:29 +0300 (MSK) Received: from orion (localhost [127.0.0.1]) by orion.SpringDaemons.com (Postfix) with SMTP id 25E223996C; Sun, 4 Jan 2009 09:27:53 +0300 (MSK) Date: Sun, 4 Jan 2009 09:27:44 +0300 From: Stanislav Sedov To: "O. Hartmann" Message-Id: <20090104092744.e0971330.stas@FreeBSD.org> In-Reply-To: <495FDC97.4090301@mail.zedat.fu-berlin.de> References: <495FDC97.4090301@mail.zedat.fu-berlin.de> Organization: The FreeBSD Project X-XMPP: ssedov@jabber.ru X-Voice: +7 916 849 20 23 X-PGP-Fingerprint: F21E D6CC 5626 9609 6CE2 A385 2BF5 5993 EB26 9581 X-Mailer: carrier-pigeon Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-DSPAM-Result: Innocent X-DSPAM-Processed: Sun Jan 4 09:25:30 2009 X-DSPAM-Confidence: 1.0000 X-DSPAM-Improbability: 1 in 98689409 chance of being spam X-DSPAM-Probability: 0.0023 X-DSPAM-Signature: 4960565a967008001220501 Cc: freebsd-security@freebsd.org Subject: Re: MD5 vs. SHA1 hashed passwords in /etc/master.passwd: can we configure SHA1 in /etc/login.conf? X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 04 Jan 2009 06:25:33 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Sat, 03 Jan 2009 22:45:59 +0100 "O. Hartmann" mentioned: > MD5 seems to be compromised by potential collision attacks. So I tried > to figure out how I can use another hash for security purposes when > hashing passwords for local users on a FreeBSD 7/8 box, like root or > local box administration. Looking at man login.conf reveals only three > possible hash algorithms selectable: md5 (recommended), des and blf. > Changing /etc/login.conf's tag > > default:\ > :passwd_format=sha1:\ > > > followed by a obligatory "cap_mkdb" seems to do something - changing > root's password results in different hashes when selecting different > hash algorithms like des, md5, sha1, blf or even sha256. > > Well, I never digged deep enough into the source code to reveal the > magic and truth, so I will ask here for some help. Is it possible to > change the md5-algorithm by default towards sha1 as recommended after > the md5-collisions has been published? > The default hash format can be configured via auth.conf(5) file. AFAIK, md5, des, blowfish and nthash are supported currently. BTW, I don't think that recently discovered collisions in md5 algoritm can compromise system passwords, as crypt(3) md5 scheme doesn't store the plain md5 sums, but result of a number of md5 computations over a salted password string. Of course, being able to find hash collisions can speedup the brute-force attack a bit, but this had to be proven first... - -- Stanislav Sedov ST4096-RIPE -----BEGIN PGP SIGNATURE----- iEYEARECAAYFAklgVukACgkQK/VZk+smlYFurQCeOobQDi6tCbJ9ZeK8V5aUAY3O mMoAoIKvPDKvN1oogSWyGhYln3jCFWgX =NZZk -----END PGP SIGNATURE----- !DSPAM:4960565a967008001220501! From owner-freebsd-security@FreeBSD.ORG Sun Jan 4 06:31:29 2009 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 1F420106566C for ; Sun, 4 Jan 2009 06:31:29 +0000 (UTC) (envelope-from jahilliya@gmail.com) Received: from wf-out-1314.google.com (wf-out-1314.google.com [209.85.200.169]) by mx1.freebsd.org (Postfix) with ESMTP id E6E728FC20 for ; Sun, 4 Jan 2009 06:31:28 +0000 (UTC) (envelope-from jahilliya@gmail.com) Received: by wf-out-1314.google.com with SMTP id 24so9313270wfg.7 for ; Sat, 03 Jan 2009 22:31:28 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to :subject:in-reply-to:mime-version:content-type :content-transfer-encoding:content-disposition:references; bh=WYGEZ9DuVPQvpgM7ijDnybSzgusMqAPZF22wdeAIEJk=; b=GIa0C8LaOSvvaq045dt1j0FWvmzsidE7U8N+6D/TI12cks7MBf+ZZU+9/L9yS0Aj9Z 5u2k86zprpyw4krsaGazG/B0q7hzuEebq5ug5Y8cBJjSzLk+yQfWV4vOVJYGfs8i2lpV zPaRu8XB3jLrxXdZPHoSUTqr7ao9voApBIrgg= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:in-reply-to:mime-version :content-type:content-transfer-encoding:content-disposition :references; b=RjSx//Riyt79Ijtuieln3XqTeOD1J0R9Bwpa1gmBZtZmYzGPmScx2DqDxWBZWRSYIh pLEQwZCo8rBQTNkzFHjonr6RmBzrVybecWTRBUeI+BXDPG0sPKvWPldaKHE0rOiTIcuG NEa7wOmAoWCdresMPfA117Ld5ZM+nmwvCskQE= Received: by 10.142.78.10 with SMTP id a10mr8066355wfb.270.1231048690106; Sat, 03 Jan 2009 21:58:10 -0800 (PST) Received: by 10.142.224.6 with HTTP; Sat, 3 Jan 2009 21:58:10 -0800 (PST) Message-ID: Date: Sun, 4 Jan 2009 14:58:10 +0900 From: "Daniel Marsh" To: "O. Hartmann" , freebsd-security@freebsd.org In-Reply-To: <495FDC97.4090301@mail.zedat.fu-berlin.de> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <495FDC97.4090301@mail.zedat.fu-berlin.de> Cc: Subject: Re: MD5 vs. SHA1 hashed passwords in /etc/master.passwd: can we configure SHA1 in /etc/login.conf? X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 04 Jan 2009 06:31:29 -0000 Hey What's wrong with the blowfish hash? Reading up on it the full 16 round cipher is unbroken, only 4 and 14 round versions can be broke. Regards Daniel On 1/4/09, O. Hartmann wrote: > MD5 seems to be compromised by potential collision attacks. So I tried > to figure out how I can use another hash for security purposes when > hashing passwords for local users on a FreeBSD 7/8 box, like root or > local box administration. Looking at man login.conf reveals only three > possible hash algorithms selectable: md5 (recommended), des and blf. > Changing /etc/login.conf's tag > > default:\ > :passwd_format=sha1:\ > > > followed by a obligatory "cap_mkdb" seems to do something - changing > root's password results in different hashes when selecting different > hash algorithms like des, md5, sha1, blf or even sha256. > > Well, I never digged deep enough into the source code to reveal the > magic and truth, so I will ask here for some help. Is it possible to > change the md5-algorithm by default towards sha1 as recommended after > the md5-collisions has been published? > > Thanks in advance, > Oliver > _______________________________________________ > freebsd-security@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org" > -- http://buymeahouse.stiw.org/ From owner-freebsd-security@FreeBSD.ORG Sun Jan 4 10:11:07 2009 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 8147A106564A for ; Sun, 4 Jan 2009 10:11:07 +0000 (UTC) (envelope-from phk@critter.freebsd.dk) Received: from phk.freebsd.dk (phk.freebsd.dk [130.225.244.222]) by mx1.freebsd.org (Postfix) with ESMTP id 447B88FC1C for ; Sun, 4 Jan 2009 10:11:07 +0000 (UTC) (envelope-from phk@critter.freebsd.dk) Received: from critter.freebsd.dk (unknown [192.168.61.3]) by phk.freebsd.dk (Postfix) with ESMTP id 002CC17001; Sun, 4 Jan 2009 09:41:05 +0000 (UTC) Received: from critter.freebsd.dk (localhost [127.0.0.1]) by critter.freebsd.dk (8.14.3/8.14.3) with ESMTP id n049f5QX038333; Sun, 4 Jan 2009 09:41:05 GMT (envelope-from phk@critter.freebsd.dk) To: "O. Hartmann" From: "Poul-Henning Kamp" In-Reply-To: Your message of "Sat, 03 Jan 2009 22:45:59 +0100." <495FDC97.4090301@mail.zedat.fu-berlin.de> Date: Sun, 04 Jan 2009 09:41:05 +0000 Message-ID: <38332.1231062065@critter.freebsd.dk> Sender: phk@critter.freebsd.dk Cc: freebsd-security@freebsd.org Subject: Re: MD5 vs. SHA1 hashed passwords in /etc/master.passwd: can we configure SHA1 in /etc/login.conf? X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 04 Jan 2009 10:11:07 -0000 In message <495FDC97.4090301@mail.zedat.fu-berlin.de>, "O. Hartmann" writes: >MD5 seems to be compromised by potential collision attacks. No it is not. Single MD5 invocations with controlled plaintext allow you to construct appendages to the plaintext, which would result in identical MD5 hash values. This does not affect your passwords. 1. If you already know peoples password, why futz with the encryption of them ? 2. MD5 password hash is not single invocation, in fact MD5 i iterated more than a thousand times in various permutations. Nobody has any idea how to break that, short of brute force. Poul-Henning -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk@FreeBSD.ORG | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence. From owner-freebsd-security@FreeBSD.ORG Tue Jan 6 10:27:49 2009 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 600061065693 for ; Tue, 6 Jan 2009 10:27:49 +0000 (UTC) (envelope-from peterjeremy@optushome.com.au) Received: from fallbackmx10.syd.optusnet.com.au (fallbackmx10.syd.optusnet.com.au [211.29.132.251]) by mx1.freebsd.org (Postfix) with ESMTP id CAE8E8FC31 for ; Tue, 6 Jan 2009 10:27:48 +0000 (UTC) (envelope-from peterjeremy@optushome.com.au) Received: from mail18.syd.optusnet.com.au (mail18.syd.optusnet.com.au [211.29.132.199]) by fallbackmx10.syd.optusnet.com.au (8.13.1/8.13.1) with ESMTP id n068VL9a016800 for ; Tue, 6 Jan 2009 19:31:21 +1100 Received: from server.vk2pj.dyndns.org (c122-106-215-175.belrs3.nsw.optusnet.com.au [122.106.215.175]) by mail18.syd.optusnet.com.au (8.13.1/8.13.1) with ESMTP id n068VIZ3016021 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Tue, 6 Jan 2009 19:31:19 +1100 X-Bogosity: Ham, spamicity=0.000000 Received: from server.vk2pj.dyndns.org (localhost.vk2pj.dyndns.org [127.0.0.1]) by server.vk2pj.dyndns.org (8.14.3/8.14.3) with ESMTP id n068VIHx016022; Tue, 6 Jan 2009 19:31:18 +1100 (EST) (envelope-from peter@server.vk2pj.dyndns.org) Received: (from peter@localhost) by server.vk2pj.dyndns.org (8.14.3/8.14.3/Submit) id n068VHR6016021; Tue, 6 Jan 2009 19:31:17 +1100 (EST) (envelope-from peter) Date: Tue, 6 Jan 2009 19:31:17 +1100 From: Peter Jeremy To: "O. Hartmann" Message-ID: <20090106083117.GI87057@server.vk2pj.dyndns.org> References: <495FDC97.4090301@mail.zedat.fu-berlin.de> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="pyE8wggRBhVBcj8z" Content-Disposition: inline In-Reply-To: <495FDC97.4090301@mail.zedat.fu-berlin.de> X-PGP-Key: http://members.optusnet.com.au/peterjeremy/pubkey.asc User-Agent: Mutt/1.5.18 (2008-05-17) Cc: freebsd-security@freebsd.org Subject: Re: MD5 vs. SHA1 hashed passwords in /etc/master.passwd: can we configure SHA1 in /etc/login.conf? X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 06 Jan 2009 10:27:49 -0000 --pyE8wggRBhVBcj8z Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On 2009-Jan-03 22:45:59 +0100, "O. Hartmann" wrote: >Well, I never digged deep enough into the source code to reveal the >magic and truth, so I will ask here for some help. The relevant algorithms and their names are embedded in src/lib/libcrypt/crypt.c > Is it possible to >change the md5-algorithm by default towards sha1 as recommended after >the md5-collisions has been published? Note that both MD5 and SHA1 are broken in the cryprographic sense. As various people have noted, the known breaks do not impact on MD5 password hashes. --=20 Peter Jeremy Please excuse any delays as the result of my ISP's inability to implement an MTA that is either RFC2821-compliant or matches their claimed behaviour. --pyE8wggRBhVBcj8z Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (FreeBSD) iEYEARECAAYFAkljFtUACgkQ/opHv/APuIe2zgCfTpyLM2ZlfYioAJBygIYSu9en RcQAniInhQhLK78fjnSeLHbESWwoJTY3 =jC7v -----END PGP SIGNATURE----- --pyE8wggRBhVBcj8z-- From owner-freebsd-security@FreeBSD.ORG Wed Jan 7 21:36:20 2009 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 70C90106579C; Wed, 7 Jan 2009 21:36:20 +0000 (UTC) (envelope-from security-advisories@freebsd.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 598018FC21; Wed, 7 Jan 2009 21:36:20 +0000 (UTC) (envelope-from security-advisories@freebsd.org) Received: from freefall.freebsd.org (simon@localhost [127.0.0.1]) by freefall.freebsd.org (8.14.3/8.14.3) with ESMTP id n07LaK9H049705; Wed, 7 Jan 2009 21:36:20 GMT (envelope-from security-advisories@freebsd.org) Received: (from simon@localhost) by freefall.freebsd.org (8.14.3/8.14.3/Submit) id n07LaKIW049703; Wed, 7 Jan 2009 21:36:20 GMT (envelope-from security-advisories@freebsd.org) Date: Wed, 7 Jan 2009 21:36:20 GMT Message-Id: <200901072136.n07LaKIW049703@freefall.freebsd.org> X-Authentication-Warning: freefall.freebsd.org: simon set sender to security-advisories@freebsd.org using -f From: FreeBSD Security Advisories To: FreeBSD Security Advisories Precedence: bulk Cc: Subject: FreeBSD Security Advisory FreeBSD-SA-09:01.lukemftpd X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Reply-To: freebsd-security@freebsd.org List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 07 Jan 2009 21:36:22 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-09:01.lukemftpd Security Advisory The FreeBSD Project Topic: Cross-site request forgery in lukemftpd(8) Category: core Module: lukemftpd Announced: 2009-01-07 Credits: Maksymilian Arciemowicz Affects: All supported versions of FreeBSD. Corrected: 2009-01-07 20:17:55 UTC (RELENG_7, 7.1-STABLE) 2009-01-07 20:17:55 UTC (RELENG_7_1, 7.1-RELEASE-p1) 2009-01-07 20:17:55 UTC (RELENG_7_0, 7.0-RELEASE-p8) 2009-01-07 20:17:55 UTC (RELENG_6, 6.4-STABLE) 2009-01-07 20:17:55 UTC (RELENG_6_4, 6.4-RELEASE-p2) 2009-01-07 20:17:55 UTC (RELENG_6_3, 6.3-RELEASE-p8) CVE Name: CVE-2008-4247 For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit . I. Background lukemftpd(8) is a general-purpose implementation of File Transfer Protocol (FTP) server that is shipped with the FreeBSD base system. It is not enabled in default installations but can be enabled as either an inetd(8) server, or a standard-alone server. A cross-site request forgery attack is a type of malicious exploit that is mainly targeted to a web browser, by tricking a user trusted by the site into visiting a specially crafted URL, which in turn executes a command which performs some privileged operations on behalf of the trusted user on the victim site. II. Problem Description The lukemftpd(8) server splits long commands into several requests. This may result in the server executing a command which is hidden inside another very long command. III. Impact This could, with a specifically crafted command, be used in a cross-site request forgery attack. FreeBSD systems running lukemftpd(8) server could act as a point of privilege escalation in an attack against users using web browser to access trusted FTP sites. IV. Workaround No workaround is available, but systems not running FTP servers are not vulnerable. Systems not running the FreeBSD lukemftpd(8) server are not affected, but users of other ftp daemons are advised to take care since several other ftp daemons are known to have related bugs. NOTE WELL: lukemftpd(8) is a different implementation of an FTP server than ftpd(8). V. Solution Perform one of the following: 1) Upgrade your vulnerable system to 6-STABLE, or 7-STABLE, or to the RELENG_7_1, RELENG_7_0, RELENG_6_4, or RELENG_6_3 security branch dated after the correction date. 2) To patch your present system: The following patches have been verified to apply to FreeBSD 6.3, 6.4, 7.0, and 7.1 systems. a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility. # fetch http://security.FreeBSD.org/patches/SA-09:01/lukemftpd.patch # fetch http://security.FreeBSD.org/patches/SA-09:01/lukemftpd.patch.asc b) Execute the following commands as root: # cd /usr/src # patch < /path/to/patch # cd /usr/src/libexec/lukemftpd # make obj && make depend && make && make install VI. Correction details The following list contains the revision numbers of each file that was corrected in FreeBSD. CVS: Branch Revision Path - ------------------------------------------------------------------------- RELENG_6 src/contrib/lukemftpd/src/ftpcmd.y 1.1.1.5.2.2 src/contrib/lukemftpd/src/extern.h 1.1.1.4.2.2 src/contrib/lukemftpd/src/ftpd.c 1.4.2.2 RELENG_6_4 src/UPDATING 1.416.2.40.2.5 src/sys/conf/newvers.sh 1.69.2.18.2.8 src/contrib/lukemftpd/src/ftpcmd.y 1.1.1.5.2.1.6.1 src/contrib/lukemftpd/src/extern.h 1.1.1.4.2.1.6.1 src/contrib/lukemftpd/src/ftpd.c 1.4.2.1.6.2 RELENG_6_3 src/UPDATING 1.416.2.37.2.13 src/sys/conf/newvers.sh 1.69.2.15.2.12 src/contrib/lukemftpd/src/ftpcmd.y 1.1.1.5.2.1.4.1 src/contrib/lukemftpd/src/extern.h 1.1.1.4.2.1.4.1 src/contrib/lukemftpd/src/ftpd.c 1.4.2.1.4.1 RELENG_7 src/contrib/lukemftpd/src/ftpcmd.y 1.1.1.6.2.1 src/contrib/lukemftpd/src/extern.h 1.1.1.5.2.1 src/contrib/lukemftpd/src/ftpd.c 1.5.2.1 RELENG_7_1 src/UPDATING 1.507.2.13.2.4 src/sys/conf/newvers.sh 1.72.2.9.2.5 src/contrib/lukemftpd/src/ftpcmd.y 1.1.1.6.6.1 src/contrib/lukemftpd/src/extern.h 1.1.1.5.6.1 src/contrib/lukemftpd/src/ftpd.c 1.5.6.2 RELENG_7_0 src/UPDATING 1.507.2.3.2.12 src/sys/conf/newvers.sh 1.72.2.5.2.12 src/contrib/lukemftpd/src/ftpcmd.y 1.1.1.6.4.1 src/contrib/lukemftpd/src/extern.h 1.1.1.5.4.1 src/contrib/lukemftpd/src/ftpd.c 1.5.4.1 - ------------------------------------------------------------------------- Subversion: Branch/path Revision - ------------------------------------------------------------------------- stable/6/ r186872 releng/6.4/ r186872 releng/6.3/ r186872 stable/7/ r186872 releng/7.1/ r186872 releng/7.0/ r186872 - ------------------------------------------------------------------------- VII. References http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4247 http://security.freebsd.org/advisories/FreeBSD-SA-08:12.ftpd.asc The latest revision of this advisory is available at http://security.FreeBSD.org/advisories/FreeBSD-SA-09:01.lukemftpd.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (FreeBSD) iD8DBQFJZR5UFdaIBMps37IRApUJAKCEGZggeEjPC67j5Tmxl2fEDJ9sIQCfTAKn vpOXC5jix3XiB7wxGKrvNJM= =qPEc -----END PGP SIGNATURE----- From owner-freebsd-security@FreeBSD.ORG Wed Jan 7 21:37:19 2009 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id C35331065BDE; Wed, 7 Jan 2009 21:37:18 +0000 (UTC) (envelope-from security-advisories@freebsd.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 170B18FC1D; Wed, 7 Jan 2009 21:37:18 +0000 (UTC) (envelope-from security-advisories@freebsd.org) Received: from freefall.freebsd.org (simon@localhost [127.0.0.1]) by freefall.freebsd.org (8.14.3/8.14.3) with ESMTP id n07LbHHB049783; Wed, 7 Jan 2009 21:37:17 GMT (envelope-from security-advisories@freebsd.org) Received: (from simon@localhost) by freefall.freebsd.org (8.14.3/8.14.3/Submit) id n07LbHwD049781; Wed, 7 Jan 2009 21:37:17 GMT (envelope-from security-advisories@freebsd.org) Date: Wed, 7 Jan 2009 21:37:17 GMT Message-Id: <200901072137.n07LbHwD049781@freefall.freebsd.org> X-Authentication-Warning: freefall.freebsd.org: simon set sender to security-advisories@freebsd.org using -f From: FreeBSD Security Advisories To: FreeBSD Security Advisories Precedence: bulk Cc: Subject: FreeBSD Security Advisory FreeBSD-SA-09:02.openssl X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Reply-To: freebsd-security@freebsd.org List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 07 Jan 2009 21:37:21 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-09:02.openssl Security Advisory The FreeBSD Project Topic: OpenSSL incorrectly checks for malformed signatures Category: contrib Module: openssl Announced: 2009-01-07 Credits: Google Security Team Affects: All FreeBSD releases Corrected: 2009-01-07 21:03:41 UTC (RELENG_7, 7.1-STABLE) 2009-01-07 20:17:55 UTC (RELENG_7_1, 7.1-RELEASE-p1) 2009-01-07 20:17:55 UTC (RELENG_7_0, 7.0-RELEASE-p8) 2009-01-07 20:17:55 UTC (RELENG_6, 6.4-STABLE) 2009-01-07 20:17:55 UTC (RELENG_6_4, 6.4-RELEASE-p2) 2009-01-07 20:17:55 UTC (RELENG_6_3, 6.3-RELEASE-p8) CVE Name: CVE-2008-5077 For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit . I. Background FreeBSD includes software from the OpenSSL Project. The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, full-featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a full-strength general purpose cryptography library. II. Problem Description The EVP_VerifyFinal() function from OpenSSL is used to determine if a digital signature is valid. The SSL layer in OpenSSL uses EVP_VerifyFinal(), which in several places checks the return value incorrectly and treats verification errors as a good signature. This is only a problem for DSA and ECDSA keys. III. Impact For applications using OpenSSL for SSL connections, an invalid SSL certificate may be interpreted as valid. This could for example be used by an attacker to perform a man-in-the-middle attack. Other applications which use the OpenSSL EVP API may similarly be affected. IV. Workaround For a server an RSA signed certificate may be used instead of DSA or ECDSA based certificate. Note that Mozilla Firefox does not use OpenSSL and thus is not affected. V. Solution Perform one of the following: 1) Upgrade your vulnerable system to 6-STABLE, or 7-STABLE, or to the RELENG_7_1, RELENG_7_0, RELENG_6_4, or RELENG_6_3 security branch dated after the correction date. 2) To patch your present system: The following patches have been verified to apply to FreeBSD 6.3, 6.4, 7.0, and 7.1 systems. a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility. [FreeBSD 7.x] # fetch http://security.FreeBSD.org/patches/SA-09:02/openssl.patch # fetch http://security.FreeBSD.org/patches/SA-09:02/openssl.patch.asc [FreeBSD 6.x] # fetch http://security.FreeBSD.org/patches/SA-09:02/openssl6.patch # fetch http://security.FreeBSD.org/patches/SA-09:02/openssl6.patch.asc b) Execute the following commands as root: # cd /usr/src # patch < /path/to/patch # cd /usr/src/secure/lib/libssl # make obj && make depend && make && make install # cd /usr/src/secure/usr.bin/openssl # make obj && make depend && make && make install NOTE: On the amd64 platform, the above procedure will not update the lib32 (i386 compatibility) libraries. On amd64 systems where the i386 compatibility libraries are used, the operating system should instead be recompiled as described in VI. Correction details The following list contains the revision numbers of each file that was corrected in FreeBSD. CVS: Branch Revision Path - ------------------------------------------------------------------------- RELENG_6 src/crypto/openssl/apps/speed.c 1.13.2.1 src/crypto/openssl/apps/verify.c 1.1.1.5.12.1 src/crypto/openssl/apps/x509.c 1.1.1.10.2.1 src/crypto/openssl/apps/spkac.c 1.1.1.4.12.1 src/crypto/openssl/ssl/s2_srvr.c 1.12.2.1 src/crypto/openssl/ssl/s3_clnt.c 1.1.1.12.2.1 src/crypto/openssl/ssl/s3_srvr.c 1.1.1.14.2.2 src/crypto/openssl/ssl/s2_clnt.c 1.13.2.2 RELENG_6_4 src/UPDATING 1.416.2.40.2.5 src/sys/conf/newvers.sh 1.69.2.18.2.8 src/crypto/openssl/apps/speed.c 1.13.12.1 src/crypto/openssl/apps/verify.c 1.1.1.5.24.1 src/crypto/openssl/apps/x509.c 1.1.1.10.12.1 src/crypto/openssl/apps/spkac.c 1.1.1.4.24.1 src/crypto/openssl/ssl/s2_srvr.c 1.12.12.1 src/crypto/openssl/ssl/s3_clnt.c 1.1.1.12.12.1 src/crypto/openssl/ssl/s3_srvr.c 1.1.1.14.2.1.6.1 src/crypto/openssl/ssl/s2_clnt.c 1.13.2.1.6.1 RELENG_6_3 src/UPDATING 1.416.2.37.2.13 src/sys/conf/newvers.sh 1.69.2.15.2.12 src/crypto/openssl/apps/speed.c 1.13.10.1 src/crypto/openssl/apps/verify.c 1.1.1.5.22.1 src/crypto/openssl/apps/x509.c 1.1.1.10.10.1 src/crypto/openssl/apps/spkac.c 1.1.1.4.22.1 src/crypto/openssl/ssl/s2_srvr.c 1.12.10.1 src/crypto/openssl/ssl/s3_clnt.c 1.1.1.12.10.1 src/crypto/openssl/ssl/s3_srvr.c 1.1.1.14.2.1.4.1 src/crypto/openssl/ssl/s2_clnt.c 1.13.2.1.4.1 RELENG_7 src/crypto/openssl/apps/speed.c 1.15.2.1 src/crypto/openssl/apps/verify.c 1.1.1.6.2.1 src/crypto/openssl/apps/x509.c 1.1.1.11.2.1 src/crypto/openssl/apps/spkac.c 1.1.1.5.2.1 src/crypto/openssl/ssl/s2_srvr.c 1.13.2.1 src/crypto/openssl/ssl/s3_clnt.c 1.1.1.14.2.1 src/crypto/openssl/ssl/s3_srvr.c 1.1.1.17.2.1 src/crypto/openssl/ssl/ssltest.c 1.1.1.10.2.1 src/crypto/openssl/ssl/s2_clnt.c 1.15.2.1 RELENG_7_1 src/UPDATING 1.507.2.13.2.4 src/sys/conf/newvers.sh 1.72.2.9.2.5 src/crypto/openssl/apps/speed.c 1.15.6.1 src/crypto/openssl/apps/verify.c 1.1.1.6.6.1 src/crypto/openssl/apps/x509.c 1.1.1.11.6.1 src/crypto/openssl/apps/spkac.c 1.1.1.5.6.1 src/crypto/openssl/ssl/s2_srvr.c 1.13.6.1 src/crypto/openssl/ssl/s3_clnt.c 1.1.1.14.6.1 src/crypto/openssl/ssl/s3_srvr.c 1.1.1.17.6.1 src/crypto/openssl/ssl/ssltest.c 1.1.1.10.6.1 src/crypto/openssl/ssl/s2_clnt.c 1.15.6.1 RELENG_7_0 src/UPDATING 1.507.2.3.2.12 src/sys/conf/newvers.sh 1.72.2.5.2.12 src/crypto/openssl/apps/speed.c 1.15.4.1 src/crypto/openssl/apps/verify.c 1.1.1.6.4.1 src/crypto/openssl/apps/x509.c 1.1.1.11.4.1 src/crypto/openssl/apps/spkac.c 1.1.1.5.4.1 src/crypto/openssl/ssl/s2_srvr.c 1.13.4.1 src/crypto/openssl/ssl/s3_clnt.c 1.1.1.14.4.1 src/crypto/openssl/ssl/s3_srvr.c 1.1.1.17.4.1 src/crypto/openssl/ssl/ssltest.c 1.1.1.10.4.1 src/crypto/openssl/ssl/s2_clnt.c 1.15.4.1 - ------------------------------------------------------------------------- Subversion: Branch/path Revision - ------------------------------------------------------------------------- stable/6/ r186873 releng/6.4/ r186872 releng/6.3/ r186872 stable/7/ r186872 releng/7.1/ r186872 releng/7.0/ r186872 - ------------------------------------------------------------------------- VII. References http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5077 http://www.openssl.org/news/secadv_20090107.txt The latest revision of this advisory is available at http://security.FreeBSD.org/advisories/FreeBSD-SA-09:02.openssl.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (FreeBSD) iD8DBQFJZR5ZFdaIBMps37IRAofJAJ4lm2jGfsMo28c0W4zRkhZrKmttGwCgmdd9 IvNUwk47W24SwhQAGH5+Ggw= =UHSl -----END PGP SIGNATURE----- From owner-freebsd-security@FreeBSD.ORG Wed Jan 7 22:49:18 2009 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id EADE1106571F for ; Wed, 7 Jan 2009 22:49:18 +0000 (UTC) (envelope-from m.seaman@infracaninophile.co.uk) Received: from smtp.infracaninophile.co.uk (gate6.infracaninophile.co.uk [IPv6:2001:8b0:151:1::1]) by mx1.freebsd.org (Postfix) with ESMTP id 70A948FC1C for ; Wed, 7 Jan 2009 22:49:18 +0000 (UTC) (envelope-from m.seaman@infracaninophile.co.uk) Received: from happy-idiot-talk.infracaninophile.co.uk (localhost [IPv6:::1]) (authenticated bits=0) by smtp.infracaninophile.co.uk (8.14.3/8.14.3) with ESMTP id n07MnDmR000274 for ; Wed, 7 Jan 2009 22:49:13 GMT (envelope-from m.seaman@infracaninophile.co.uk) X-DKIM: Sendmail DKIM Filter v2.7.2 smtp.infracaninophile.co.uk n07MnDmR000274 DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=infracaninophile.co.uk; s=200708; t=1231368554; bh=VKr9h85P2bFmmp mSb3knv+Z0CjLicB1h62MOfTPnE3k=; h=Message-ID:Date:From:MIME-Version: To:Subject:References:In-Reply-To:Content-Type:Cc:Content-Type: Date:From:In-Reply-To:Message-ID:Mime-Version:References:To; z=Mes sage-ID:=20<49653163.4070904@infracaninophile.co.uk>|Date:=20Wed,=2 007=20Jan=202009=2022:49:07=20+0000|From:=20Matthew=20Seaman=20|Organization:=20Infracaninophile|User -Agent:=20Thunderbird=202.0.0.19=20(X11/20090104)|MIME-Version:=201 .0|To:=20freebsd-security@freebsd.org|Subject:=20Re:=20FreeBSD=20Se curity=20Advisory=20FreeBSD-SA-09:02.openssl|References:=20<2009010 72137.n07LbHwD049781@freefall.freebsd.org>|In-Reply-To:=20<20090107 2137.n07LbHwD049781@freefall.freebsd.org>|X-Enigmail-Version:=200.9 5.6|Content-Type:=20multipart/signed=3B=20micalg=3Dpgp-sha256=3B=0D =0A=20protocol=3D"application/pgp-signature"=3B=0D=0A=20boundary=3D "------------enig0E9DB484F36D7C46F781B19C"; b=xunB8l51pdrzaiWjU8VCe hqYA2rm3EyjJdzm+vPAGRAUE5I+Znf3vod7T/si/iVDGkQELKSHAbpYz2F4bMuFnQ7x gH1PESp6OMFzI6RVCC1d/MbnHQnZ6cODXSmKBvznSS4tltJ7mQmApyZHfZAjNmdiaeq oYUKYQ6zv5+UrCJI= Message-ID: <49653163.4070904@infracaninophile.co.uk> Date: Wed, 07 Jan 2009 22:49:07 +0000 From: Matthew Seaman Organization: Infracaninophile User-Agent: Thunderbird 2.0.0.19 (X11/20090104) MIME-Version: 1.0 To: freebsd-security@freebsd.org References: <200901072137.n07LbHwD049781@freefall.freebsd.org> In-Reply-To: <200901072137.n07LbHwD049781@freefall.freebsd.org> X-Enigmail-Version: 0.95.6 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="------------enig0E9DB484F36D7C46F781B19C" X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.0.1 (smtp.infracaninophile.co.uk [IPv6:::1]); Wed, 07 Jan 2009 22:49:14 +0000 (GMT) X-Virus-Scanned: ClamAV 0.94.2/8842/Wed Jan 7 14:06:50 2009 on happy-idiot-talk.infracaninophile.co.uk X-Virus-Status: Clean X-Spam-Status: No, score=-2.9 required=5.0 tests=AWL,BAYES_00,DKIM_SIGNED, DKIM_VERIFIED,NO_RELAYS autolearn=ham version=3.2.5 X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on happy-idiot-talk.infracaninophile.co.uk Subject: Re: FreeBSD Security Advisory FreeBSD-SA-09:02.openssl X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 07 Jan 2009 22:49:20 -0000 This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enig0E9DB484F36D7C46F781B19C Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: quoted-printable FreeBSD Security Advisories wrote: =20 > I. Background >=20 > FreeBSD includes software from the OpenSSL Project. The OpenSSL Projec= t is > a collaborative effort to develop a robust, commercial-grade, full-feat= ured > Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) > and Transport Layer Security (TLS v1) protocols as well as a full-stren= gth > general purpose cryptography library. >=20 > II. Problem Description >=20 > The EVP_VerifyFinal() function from OpenSSL is used to determine if a > digital signature is valid. The SSL layer in OpenSSL uses > EVP_VerifyFinal(), which in several places checks the return value > incorrectly and treats verification errors as a good signature. This > is only a problem for DSA and ECDSA keys. >=20 > III. Impact >=20 > For applications using OpenSSL for SSL connections, an invalid SSL > certificate may be interpreted as valid. This could for example be > used by an attacker to perform a man-in-the-middle attack. >=20 > Other applications which use the OpenSSL EVP API may similarly be > affected. The oCert advisory at http://ocert.org/advisories/ocert-2008-016.html lists BIND and NTP as affected packages. Don't the base system versions of those apps also need patching? Cheers, Matthew --=20 Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard Flat 3 PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate Kent, CT11 9PW --------------enig0E9DB484F36D7C46F781B19C Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (FreeBSD) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEAREIAAYFAkllMWkACgkQ8Mjk52CukIzwxACfU95u+9VBD5XQRuzWWnvEl40X kbsAoIA3OqnlhuzB3dINZF+T2rcPK9Xc =haIW -----END PGP SIGNATURE----- --------------enig0E9DB484F36D7C46F781B19C-- From owner-freebsd-security@FreeBSD.ORG Thu Jan 8 02:01:26 2009 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 9E30510656C4 for ; Thu, 8 Jan 2009 02:01:26 +0000 (UTC) (envelope-from kitchetech@gmail.com) Received: from mail-fx0-f11.google.com (mail-fx0-f11.google.com [209.85.220.11]) by mx1.freebsd.org (Postfix) with ESMTP id 019858FC21 for ; Thu, 8 Jan 2009 02:01:25 +0000 (UTC) (envelope-from kitchetech@gmail.com) Received: by fxm4 with SMTP id 4so1605644fxm.19 for ; Wed, 07 Jan 2009 18:01:24 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to :subject:cc:in-reply-to:mime-version:content-type:references; bh=PNwjAx+2olO7mYiDKU711CCG7O/4nxbtUCq5qm+5r3M=; b=Eyli3M+exeUN74DSRJZPP//OO33XdUGGeIOOfCytnvr/Q6PMmn2dfkHbuKN6dNI8oy HIz8wn2AQNxHR9nyXaFNlCxG/yUHP/xI4yvyjGnpIu/g+z8c6H6e1yvT2p/XZ2DbcB6l gDhlPLdy1emJvZI0R3EQ/XfgZPYCe//AV39ow= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:cc:in-reply-to:mime-version :content-type:references; b=DGdFqS2yylWnxH7wY6ZqH0dFxzMagNv5x6XZ0WnKFknbWJqTTLsvqwplDt7GlolTP/ 3LYlZfVRYDrdluD/oS+lrzTH+4K1/BBeqkmllOH8C++OW5aQblD1GXrLcrlvyQV2ZwoX epPdWTsDx+rEjW1ZKNhClK9zy1EmAVk1YLXvs= Received: by 10.181.20.6 with SMTP id x6mr9117680bki.167.1231378217623; Wed, 07 Jan 2009 17:30:17 -0800 (PST) Received: by 10.181.14.6 with HTTP; Wed, 7 Jan 2009 17:30:17 -0800 (PST) Message-ID: <28283d910901071730if218355pdde2752cccc79b44@mail.gmail.com> Date: Wed, 7 Jan 2009 20:30:17 -0500 From: "matt donovan" To: "Matthew Seaman" In-Reply-To: <49653163.4070904@infracaninophile.co.uk> MIME-Version: 1.0 References: <200901072137.n07LbHwD049781@freefall.freebsd.org> <49653163.4070904@infracaninophile.co.uk> Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Content-Disposition: inline X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: freebsd-security@freebsd.org Subject: Re: FreeBSD Security Advisory FreeBSD-SA-09:02.openssl X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 08 Jan 2009 02:01:27 -0000 On Wed, Jan 7, 2009 at 5:49 PM, Matthew Seaman < m.seaman@infracaninophile.co.uk> wrote: > FreeBSD Security Advisories wrote: > > I. Background >> >> FreeBSD includes software from the OpenSSL Project. The OpenSSL Project >> is >> a collaborative effort to develop a robust, commercial-grade, >> full-featured >> Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) >> and Transport Layer Security (TLS v1) protocols as well as a full-strength >> general purpose cryptography library. >> >> II. Problem Description >> >> The EVP_VerifyFinal() function from OpenSSL is used to determine if a >> digital signature is valid. The SSL layer in OpenSSL uses >> EVP_VerifyFinal(), which in several places checks the return value >> incorrectly and treats verification errors as a good signature. This >> is only a problem for DSA and ECDSA keys. >> >> III. Impact >> >> For applications using OpenSSL for SSL connections, an invalid SSL >> certificate may be interpreted as valid. This could for example be >> used by an attacker to perform a man-in-the-middle attack. >> >> Other applications which use the OpenSSL EVP API may similarly be >> affected. >> > > The oCert advisory at http://ocert.org/advisories/ocert-2008-016.html > lists BIND and NTP as affected packages. Don't the base system versions > of those apps also need patching? > > Cheers, > > Matthew > > > -- > Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard > Flat 3 > PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate > Kent, CT11 9PW I was told they don't but I believe they do since it's the code inside of ntp and bind don't check the return code correctly from what I can tell for the OpenSSL EVP API From owner-freebsd-security@FreeBSD.ORG Thu Jan 8 07:47:57 2009 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 1B3DF106564A for ; Thu, 8 Jan 2009 07:47:57 +0000 (UTC) (envelope-from dougb@FreeBSD.org) Received: from mail2.fluidhosting.com (mx22.fluidhosting.com [204.14.89.5]) by mx1.freebsd.org (Postfix) with ESMTP id 2F1F38FC1A for ; Thu, 8 Jan 2009 07:47:55 +0000 (UTC) (envelope-from dougb@FreeBSD.org) Received: (qmail 14297 invoked by uid 399); 8 Jan 2009 07:21:16 -0000 Received: from localhost (HELO lap.dougb.net) (dougb@dougbarton.us@127.0.0.1) by localhost with ESMTPAM; 8 Jan 2009 07:21:16 -0000 X-Originating-IP: 127.0.0.1 X-Sender: dougb@dougbarton.us Message-ID: <4965A96A.4020604@FreeBSD.org> Date: Wed, 07 Jan 2009 23:21:14 -0800 From: Doug Barton Organization: http://www.FreeBSD.org/ User-Agent: Thunderbird 2.0.0.19 (X11/20090102) MIME-Version: 1.0 To: matt donovan References: <200901072137.n07LbHwD049781@freefall.freebsd.org> <49653163.4070904@infracaninophile.co.uk> <28283d910901071730if218355pdde2752cccc79b44@mail.gmail.com> In-Reply-To: <28283d910901071730if218355pdde2752cccc79b44@mail.gmail.com> X-Enigmail-Version: 0.95.7 OpenPGP: id=D5B2F0FB Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Cc: freebsd-security@freebsd.org Subject: Re: FreeBSD Security Advisory FreeBSD-SA-09:02.openssl X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 08 Jan 2009 07:47:57 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: RIPEMD160 matt donovan wrote: > On Wed, Jan 7, 2009 at 5:49 PM, Matthew Seaman < > m.seaman@infracaninophile.co.uk> wrote: >> The oCert advisory at http://ocert.org/advisories/ocert-2008-016.html >> lists BIND and NTP as affected packages. Don't the base system versions >> of those apps also need patching? > I was told they don't but I believe they do since it's the code inside of > ntp and bind don't check the return code correctly from what I can tell for > the OpenSSL EVP API Please see: https://www.isc.org/node/373 Unless you are using DNSSEC to verify signatures you're not vulnerable at all. As usual for non-critical upgrades I will upgrade the ports first so that those that need the new version(s) can easily get to them in a hurry, then upgrade the base(s) over the next day or two. hth, Doug - -- This .signature sanitized for your protection -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (FreeBSD) iEYEAREDAAYFAkllqWoACgkQyIakK9Wy8PsIgACg1+vOtfCdZcw2Wirybm4lLpWD VUEAnisZEkFBM4I3+8YmLp97Y/z/i8OG =Uelm -----END PGP SIGNATURE----- From owner-freebsd-security@FreeBSD.ORG Thu Jan 8 20:17:27 2009 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 1987A10656C9 for ; Thu, 8 Jan 2009 20:17:27 +0000 (UTC) (envelope-from Gabor@Zahemszky.HU) Received: from mx01.hdsnet.hu (mx01.hdsnet.hu [193.110.57.2]) by mx1.freebsd.org (Postfix) with ESMTP id CD96D8FC1A for ; Thu, 8 Jan 2009 20:17:26 +0000 (UTC) (envelope-from Gabor@Zahemszky.HU) Received: from [92.249.232.62] (helo=Picasso.Zahemszky.HU) by mx01.hdsnet.hu with esmtpa (HDSNet mail 1.1} #1) id 1LL0wS-0003lY-Uk for freebsd-security@freebsd.org; Thu, 08 Jan 2009 20:53:21 +0100 Date: Thu, 8 Jan 2009 20:53:17 +0100 From: Zahemszky =?ISO-8859-2?Q?G=E1bor?= To: freebsd-security@freebsd.org Message-ID: <20090108205317.4c097662@Picasso.Zahemszky.HU> In-Reply-To: <200901072137.n07LbHwD049781@freefall.freebsd.org> References: <200901072137.n07LbHwD049781@freefall.freebsd.org> Organization: Zahemszky Bt. X-Mailer: Claws Mail 3.5.0 (GTK+ 2.12.11; i386-portbld-freebsd7.1) Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-2 Content-Transfer-Encoding: quoted-printable Subject: Re: FreeBSD Security Advisory FreeBSD-SA-09:02.openssl X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 08 Jan 2009 20:17:27 -0000 Hi! Neither the lukemftpd, nor the openssl advisory speaks about freebsd-update as an upgrade solution. (And I couldn't update with it.) Why? Bye, G=E1bor Zahemszky < Gabor at Zahemszky dot HU > --=20 #!/bin/ksh Z=3D'21N16I25C25E30, 40M30E33E25T15U!'; IFS=3D' ABCDEFGHIJKLMNOPQRSTUVWXYZ '; set -- $Z;for i;{ [[ $i =3D ? ]]&&print $i&&break; [[ $i =3D ??? ]]&&j=3D$i&&i=3D${i%?}; typeset -i40 i=3D8#$i;print -n ${i#???}; [[ "$j" =3D ??? ]]&&print -n "${j#??} "&&j=3D;typeset +i i;}; IFS=3D' 0123456789 ';set -- $Z;for i;{ [[ $i =3D , ]]&&i=3D2; [[ $i =3D ?? ]]||typeset -l i;j=3D"$j $i";typeset +l i;};print "$j" From owner-freebsd-security@FreeBSD.ORG Thu Jan 8 20:37:27 2009 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 8C4F7106566C for ; Thu, 8 Jan 2009 20:37:27 +0000 (UTC) (envelope-from Gabor@Zahemszky.HU) Received: from mx01.hdsnet.hu (mx01.hdsnet.hu [193.110.57.2]) by mx1.freebsd.org (Postfix) with ESMTP id 4A5E68FC0C for ; Thu, 8 Jan 2009 20:37:27 +0000 (UTC) (envelope-from Gabor@Zahemszky.HU) Received: from [92.249.232.62] (helo=Picasso.Zahemszky.HU) by mx01.hdsnet.hu with esmtpa (HDSNet mail 1.1} #1) id 1LL1d7-0001pL-91 for freebsd-security@freebsd.org; Thu, 08 Jan 2009 21:37:25 +0100 Date: Thu, 8 Jan 2009 21:37:25 +0100 From: Zahemszky =?ISO-8859-2?Q?G=E1bor?= To: freebsd-security@freebsd.org Message-ID: <20090108213725.38f6fc7d@Picasso.Zahemszky.HU> In-Reply-To: <20090108202250.GB72107@lor.one-eyed-alien.net> References: <200901072137.n07LbHwD049781@freefall.freebsd.org> <20090108205317.4c097662@Picasso.Zahemszky.HU> <20090108202250.GB72107@lor.one-eyed-alien.net> Organization: Zahemszky Bt. X-Mailer: Claws Mail 3.5.0 (GTK+ 2.12.11; i386-portbld-freebsd7.1) Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-2 Content-Transfer-Encoding: quoted-printable Subject: Re: FreeBSD Security Advisory FreeBSD-SA-09:02.openssl X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 08 Jan 2009 20:37:27 -0000 > I'm not sure what it wasn't mentioned, but it worked just fine for a > dozen boxes at work. Opps, my fault. I tried to update one of my machines about 14 hours ago, but there weren't any updates. I tried it now, and it worked. Sorry for the noise. By, G=E1bor Zahemszky < Gabor at Zahemszky dot HU > --=20 #!/bin/ksh Z=3D'21N16I25C25E30, 40M30E33E25T15U!'; IFS=3D' ABCDEFGHIJKLMNOPQRSTUVWXYZ '; set -- $Z;for i;{ [[ $i =3D ? ]]&&print $i&&break; [[ $i =3D ??? ]]&&j=3D$i&&i=3D${i%?}; typeset -i40 i=3D8#$i;print -n ${i#???}; [[ "$j" =3D ??? ]]&&print -n "${j#??} "&&j=3D;typeset +i i;}; IFS=3D' 0123456789 ';set -- $Z;for i;{ [[ $i =3D , ]]&&i=3D2; [[ $i =3D ?? ]]||typeset -l i;j=3D"$j $i";typeset +l i;};print "$j" From owner-freebsd-security@FreeBSD.ORG Thu Jan 8 20:39:20 2009 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 0F09110656D7 for ; Thu, 8 Jan 2009 20:39:20 +0000 (UTC) (envelope-from stas@FreeBSD.org) Received: from mx0.deglitch.com (backbone.deglitch.com [IPv6:2001:16d8:fffb:4::abba]) by mx1.freebsd.org (Postfix) with ESMTP id B06188FC0A for ; Thu, 8 Jan 2009 20:39:19 +0000 (UTC) (envelope-from stas@FreeBSD.org) Received: from DSPAM-Daemon (localhost [127.0.0.1]) by mx0.deglitch.com (Postfix) with SMTP id AF7148FC4F for ; Thu, 8 Jan 2009 23:39:18 +0300 (MSK) Received: from orion.SpringDaemons.com (drsun1.dialup.corbina.ru [85.21.245.235]) by mx0.deglitch.com (Postfix) with ESMTPA id 40BBA8FC4E; Thu, 8 Jan 2009 23:39:18 +0300 (MSK) Received: from orion (localhost [127.0.0.1]) by orion.SpringDaemons.com (Postfix) with SMTP id 5ECCD3996C; Thu, 8 Jan 2009 23:41:47 +0300 (MSK) Date: Thu, 8 Jan 2009 23:41:47 +0300 From: Stanislav Sedov To: Zahemszky =?UTF-8?B?R8OhYm9y?= Message-Id: <20090108234147.f87169ff.stas@FreeBSD.org> In-Reply-To: <20090108205317.4c097662@Picasso.Zahemszky.HU> References: <200901072137.n07LbHwD049781@freefall.freebsd.org> <20090108205317.4c097662@Picasso.Zahemszky.HU> Organization: The FreeBSD Project X-XMPP: ssedov@jabber.ru X-Voice: +7 916 849 20 23 X-PGP-Fingerprint: F21E D6CC 5626 9609 6CE2 A385 2BF5 5993 EB26 9581 X-Mailer: carrier-pigeon Mime-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-DSPAM-Result: Innocent X-DSPAM-Processed: Thu Jan 8 23:39:18 2009 X-DSPAM-Confidence: 1.0000 X-DSPAM-Improbability: 1 in 98689409 chance of being spam X-DSPAM-Probability: 0.0023 X-DSPAM-Signature: 49666476967001390911012 Cc: freebsd-security@freebsd.org Subject: Re: FreeBSD Security Advisory FreeBSD-SA-09:02.openssl X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 08 Jan 2009 20:39:20 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thu, 8 Jan 2009 20:53:17 +0100 Zahemszky Gábor mentioned: > Hi! > > Neither the lukemftpd, nor the openssl advisory speaks about > freebsd-update as an upgrade solution. (And I couldn't update with > it.) Why? > What is the problem with freebsd-update? - -- Stanislav Sedov ST4096-RIPE -----BEGIN PGP SIGNATURE----- iEYEARECAAYFAklmZQsACgkQK/VZk+smlYHNyACfdUBLAVgdti38rQD/RxVPFMP/ ltwAn2UBfdq0oIZpghltCx1WA1RrJD3l =6VDH -----END PGP SIGNATURE----- !DSPAM:49666476967001390911012! From owner-freebsd-security@FreeBSD.ORG Thu Jan 8 20:37:32 2009 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 8F532106564A for ; Thu, 8 Jan 2009 20:37:32 +0000 (UTC) (envelope-from brooks@lor.one-eyed-alien.net) Received: from lor.one-eyed-alien.net (lor.one-eyed-alien.net [69.66.77.232]) by mx1.freebsd.org (Postfix) with ESMTP id F3F308FC0A for ; Thu, 8 Jan 2009 20:37:31 +0000 (UTC) (envelope-from brooks@lor.one-eyed-alien.net) Received: from lor.one-eyed-alien.net (localhost [127.0.0.1]) by lor.one-eyed-alien.net (8.14.3/8.14.3) with ESMTP id n08KMohf075119; Thu, 8 Jan 2009 14:22:50 -0600 (CST) (envelope-from brooks@lor.one-eyed-alien.net) Received: (from brooks@localhost) by lor.one-eyed-alien.net (8.14.3/8.14.3/Submit) id n08KModp075118; Thu, 8 Jan 2009 14:22:50 -0600 (CST) (envelope-from brooks) Date: Thu, 8 Jan 2009 14:22:50 -0600 From: Brooks Davis To: Zahemszky G?bor Message-ID: <20090108202250.GB72107@lor.one-eyed-alien.net> References: <200901072137.n07LbHwD049781@freefall.freebsd.org> <20090108205317.4c097662@Picasso.Zahemszky.HU> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="3lcZGd9BuhuYXNfi" Content-Disposition: inline In-Reply-To: <20090108205317.4c097662@Picasso.Zahemszky.HU> User-Agent: Mutt/1.5.17 (2007-11-01) X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-3.0 (lor.one-eyed-alien.net [127.0.0.1]); Thu, 08 Jan 2009 14:22:50 -0600 (CST) X-Mailman-Approved-At: Thu, 08 Jan 2009 20:47:58 +0000 Cc: freebsd-security@freebsd.org Subject: Re: FreeBSD Security Advisory FreeBSD-SA-09:02.openssl X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 08 Jan 2009 20:37:32 -0000 --3lcZGd9BuhuYXNfi Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Jan 08, 2009 at 08:53:17PM +0100, Zahemszky G?bor wrote: > Hi! >=20 > Neither the lukemftpd, nor the openssl advisory speaks about > freebsd-update as an upgrade solution. (And I couldn't update with > it.) Why? I'm not sure what it wasn't mentioned, but it worked just fine for a dozen boxes at work. -- Brooks --3lcZGd9BuhuYXNfi Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (FreeBSD) iD8DBQFJZmCZXY6L6fI4GtQRAm9DAKCJCdekf2v8DTevgHGiBluJvZAeXQCfQ9Dg IAyHa8Lp02019jjC18WF5uQ= =fBij -----END PGP SIGNATURE----- --3lcZGd9BuhuYXNfi-- From owner-freebsd-security@FreeBSD.ORG Thu Jan 8 23:02:48 2009 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 952ED106566C for ; Thu, 8 Jan 2009 23:02:47 +0000 (UTC) (envelope-from ohartman@mail.zedat.fu-berlin.de) Received: from outpost1.zedat.fu-berlin.de (outpost1.zedat.fu-berlin.de [130.133.4.66]) by mx1.freebsd.org (Postfix) with ESMTP id 4E6428FC14 for ; Thu, 8 Jan 2009 23:02:47 +0000 (UTC) (envelope-from ohartman@mail.zedat.fu-berlin.de) Received: from inpost2.zedat.fu-berlin.de ([130.133.4.69]) by outpost1.zedat.fu-berlin.de (Exim 4.69) with esmtp (envelope-from ) id <1LL3tm-0005DO-1X>; Fri, 09 Jan 2009 00:02:46 +0100 Received: from e178036186.adsl.alicedsl.de ([85.178.36.186] helo=thor.walstatt.dyndns.org) by inpost2.zedat.fu-berlin.de (Exim 4.69) with esmtpsa (envelope-from ) id <1LL3tl-0004kf-Uu>; Fri, 09 Jan 2009 00:02:46 +0100 Message-ID: <49668643.7050507@mail.zedat.fu-berlin.de> Date: Fri, 09 Jan 2009 00:03:31 +0100 From: "O. Hartmann" User-Agent: Thunderbird 2.0.0.19 (X11/20090103) MIME-Version: 1.0 To: Mike Tancsa References: <495FDC97.4090301@mail.zedat.fu-berlin.de> <200901040346.n043kRCJ000646@lava.sentex.ca> In-Reply-To: <200901040346.n043kRCJ000646@lava.sentex.ca> X-Enigmail-Version: 0.95.7 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-Originating-IP: 85.178.36.186 X-Mailman-Approved-At: Thu, 08 Jan 2009 23:22:31 +0000 Cc: freebsd-security@freebsd.org Subject: Re: MD5 vs. SHA1 hashed passwords in /etc/master.passwd: can we configure SHA1 in /etc/login.conf? X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 08 Jan 2009 23:02:48 -0000 Mike Tancsa wrote: > At 04:45 PM 1/3/2009, O. Hartmann wrote: > >> followed by a obligatory "cap_mkdb" seems to do something - changing >> root's password results in different hashes when selecting different >> hash algorithms like des, md5, sha1, blf or even sha256. >> >> Well, I never digged deep enough into the source code to reveal the >> magic and truth, so I will ask here for some help. Is it possible to >> change the md5-algorithm by default towards sha1 as recommended after >> the md5-collisions has been published? > > Are you sure sha1 is supported ? It looks like if you put in something > not understood in the login.conf file, it defaults to what appears to > be DES. > > ---Mike > >> Thanks in advance, >> Oliver Yes, you're absolutely right, I figured this also out after I tried evey possible hashing alogrithmen mentioned in the manpage. I use 'blf' now. Regards, Oliver From owner-freebsd-security@FreeBSD.ORG Fri Jan 9 06:37:42 2009 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 6273A106564A for ; Fri, 9 Jan 2009 06:37:42 +0000 (UTC) (envelope-from chris@noncombatant.org) Received: from strawberry.noncombatant.org (strawberry.noncombatant.org [64.142.6.126]) by mx1.freebsd.org (Postfix) with ESMTP id 4D2E58FC13 for ; Fri, 9 Jan 2009 06:37:42 +0000 (UTC) (envelope-from chris@noncombatant.org) Received: by strawberry.noncombatant.org (Postfix, from userid 1001) id 6DB96866D77; Thu, 8 Jan 2009 22:20:26 -0800 (PST) Date: Thu, 8 Jan 2009 22:20:26 -0800 From: Chris Palmer To: freebsd-security@freebsd.org Message-ID: <20090109062026.GI38127@noncombatant.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.4.2.3i Subject: Incorrect (?) documentation for setreuid(2) could lead to security issues for user code X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 09 Jan 2009 06:37:42 -0000 According to section 6.4.1 of "Setuid Demystified": http://www.cs.ucdavis.edu/~hchen/paper/usenix02.html FreeBSD 4.4's setreuid(2) man page is wrong. The man page for FBSD 7 says the same thing. Is it still wrong, or was the implementation changed to match the documentation? This person noticed the same problem for OBSD: http://www.nabble.com/setreuid()-documentation-is-confusing-and-wrong-td7953251.html