Date: Thu, 7 Sep 2000 11:22:10 +0200 (CEST)
From: Paul Herman
To: Neil Blakey-Milner
Cc: Kris Kennaway, freebsd-security@FreeBSD.ORG
Subject: Re: UNIX locale format string vulnerability (fwd)
In-Reply-To: <20000907104925.A37872@mithrandr.moria.org>

On Thu, 7 Sep 2000, Neil Blakey-Milner wrote:

> On Thu 2000-09-07 (10:12), Vladimir Mencl, MK, susSED wrote:
> >
> > However, I think that FreeBSD is vulnerable with the sudo port
> > installed.
> >
> > Although sudo discards some dangerous environment variables (LD_LIBRARY_PATH)
> > it does pass the LC_ALL, PATH_LOCALE variables through.
>
> Why would someone install the sudo RedHat package on FreeBSD? :)

I think he meant the FreeBSD sudo port, which in turn *may* sudo a Linux
binary. (yes, I know, not so likely, but...)

However, this thread only talked about vulnerable Linux programs under
emulation. There were indeed two advisories this last weekend, the glibc
advisory (linux only) and the locale advisory, which AFAIK affects other
platforms (Solaris is affected, for example.)
I've been following freebsd-security, but I haven't seen any confirmation
one way or the other (except for linux binaries mentioned in this thread.)

Kris, is FreeBSD itself vulnerable to the locale vuln.?

-Paul.

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
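As an added example (not code from this thread, from sudo, or from any of the affected libc implementations): a defender-side check in C for the bug class the thread discusses, where a privileged program fetches a translated message from a catalog selected through environment variables such as LC_ALL or PATH_LOCALE and then hands it to printf(). The helper names and the sample catalog strings are constructed for illustration.

```c
/* Mitigation for locale/catalog format-string bugs: a translated format
 * string is only trusted if its conversion directives match the trusted
 * original exactly; otherwise the original is used. Constructed example. */
#include <stdio.h>
#include <string.h>
#include <stdbool.h>

/* Collect the conversion character of each directive in fmt into out.
 * Returns the directive count, or -1 for malformed, positional ("%1$s")
 * or write-back ("%n") directives, which are refused outright. */
static int directives(const char *fmt, char *out, size_t cap)
{
    int n = 0;
    for (const char *p = fmt; *p; p++) {
        if (*p != '%') continue;
        p++;
        if (*p == '%') continue;                 /* literal "%%" */
        /* skip flags, width, precision and length modifiers */
        while (*p && strchr("-+ #0123456789.hlLqjzt", *p)) p++;
        if (*p == '$' || *p == 'n' || *p == '\0') return -1;
        if ((size_t)n >= cap) return -1;
        out[n++] = *p;
    }
    return n;
}

/* True only if `translated` may replace `trusted`: same number of
 * directives, same conversion characters, in the same order. */
bool translation_is_safe(const char *trusted, const char *translated)
{
    char a[32], b[32];
    int na = directives(trusted, a, sizeof a);
    int nb = directives(translated, b, sizeof b);
    if (na < 0 || nb < 0 || na != nb) return false;
    return memcmp(a, b, (size_t)na) == 0;
}

/* Fall back to the trusted original so the program still works in
 * every locale instead of aborting on a bad catalog entry. */
const char *pick_format(const char *trusted, const char *translated)
{
    return translation_is_safe(trusted, translated) ? translated : trusted;
}

int main(void)
{
    const char *orig = "cannot open %s: %d\n";          /* trusted source */
    const char *good = "kann %s nicht oeffnen: %d\n";   /* sane catalog */
    const char *bad  = "%s: %d %d %n\n";                /* hostile catalog */
    printf(pick_format(orig, good), "/etc/motd", 2);   /* translation used */
    printf(pick_format(orig, bad), "/etc/motd", 2);    /* original used */
    return 0;
}
```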