Date: Tue, 31 Oct 2000 18:28:31 -0800 From: Kris Kennaway <kris@FreeBSD.ORG> To: Borja Marcos <borjamar@sarenet.es> Cc: security-advisories@FreeBSD.ORG, security@FreeBSD.ORG Subject: Re: FreeBSD Security Advisory: FreeBSD-SA-00:61.tcpdump Message-ID: <20001031182831.B18164@citusc17.usc.edu> In-Reply-To: <39FE7E95.60F46EB5@sarenet.es>; from borjamar@sarenet.es on Tue, Oct 31, 2000 at 09:11:01AM %2B0100 References: <20001030231311.7642A37B680@hub.freebsd.org> <39FE7E95.60F46EB5@sarenet.es>
next in thread | previous in thread | raw e-mail | index | archive | help
--QKdGvSO+nmPlgiQ/ Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Tue, Oct 31, 2000 at 09:11:01AM +0100, Borja Marcos wrote: > FreeBSD Security Advisories wrote: > > > > Several overflowable buffers were discovered in the version of tcpdump > > included in FreeBSD, during internal source code auditing. Some > > simply allow the remote attacker to crash the local tcpdump process, > > but there is a more serious vulnerability in the decoding of AFS ACL > > packets in the more recent version of tcpdump (tcpdump 3.5) included > > in FreeBSD 4.0-RELEASE, 4.1-RELEASE and 4.1.1-RELEASE, which may allow > > a remote attacker to execute arbitrary code on the local system > > (usually root, since root privileges are required to run tcpdump). >=20 > Something I love in FreeBSD: You don't need to be root. > Just need permissions to access /dev/bpf?. Perhaps you could > recommend running it as an ordinary user? A non-root remote exploit is nearly as bad. Arguably better to just fix it :-) Kris --QKdGvSO+nmPlgiQ/ Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (FreeBSD) Comment: For info see http://www.gnupg.org iEYEARECAAYFAjn/f84ACgkQWry0BWjoQKVoeQCguXUdRX2kB0hA2pC58/vaTPch j1UAoJ4t+dMg5/J9EZr5Z9PiS+Oo7Evs =zedw -----END PGP SIGNATURE----- --QKdGvSO+nmPlgiQ/-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20001031182831.B18164>