From owner-freebsd-security Tue May 28 10:58:39 2002 Delivered-To: freebsd-security@freebsd.org Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21]) by hub.freebsd.org (Postfix) with ESMTP id 3408937B407; Tue, 28 May 2002 10:58:17 -0700 (PDT) Received: (from nectar@localhost) by freefall.freebsd.org (8.11.6/8.11.6) id g4SHwHo75682; Tue, 28 May 2002 10:58:17 -0700 (PDT) (envelope-from security-advisories@freebsd.org) Date: Tue, 28 May 2002 10:58:17 -0700 (PDT) Message-Id: <200205281758.g4SHwHo75682@freefall.freebsd.org> X-Authentication-Warning: freefall.freebsd.org: nectar set sender to security-advisories@freebsd.org using -f From: FreeBSD Security Advisories To: FreeBSD Security Advisories Subject: FreeBSD Security Notice FreeBSD-SN-02:03 Reply-To: security-advisories@freebsd.org Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org -----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SN-02:03 Security Notice The FreeBSD Project Topic: security issues in ports Announced: 2002-05-28 I. Introduction Several ports in the FreeBSD Ports Collection are affected by security issues. These are listed below with references and affected versions. All versions given refer to the FreeBSD port/package version numbers. The listed vulnerabilities are not specific to FreeBSD unless otherwise noted. These ports are not installed by default, nor are they ``part of FreeBSD'' as such. The FreeBSD Ports Collection contains thousands of third-party applications in a ready-to-install format. FreeBSD makes no claim about the security of these third-party applications. See for more information about the FreeBSD Ports Collection. II. Ports +------------------------------------------------------------------------+ Port name: amanda Affected: versions <= amanda-2.3.0.4 Status: Port removed Obsolete versions of Amanda contain multiple buffer overflows. +------------------------------------------------------------------------+ Port name: fetchmail Affected: versions < fetchmail-5.9.11 Status: Fixed +------------------------------------------------------------------------+ Port name: gaim Affected: versions < gaim-0.58 Status: Fixed World-readable temp files allow access to gaim users' hotmail accounts. +------------------------------------------------------------------------+ Port name: gnokii Affected: versions < gnokii-0.4.0.p20,1 Status: Fixed Write access to any file in the filesystem. +------------------------------------------------------------------------+ Port name: horde Affected: versions < horde-1.2.8 Status: Fixed Cross-site scripting attacks. +------------------------------------------------------------------------+ Port name: imap-uw Affected: all versions Status: Not fixed Only when compiled with RFC 1730 support (make -DWITH_RFC1730): Remote buffer overflow yielding non-privileged shell access. +------------------------------------------------------------------------+ Port name: imp Affected: versions < imp-2.2.8 Status: Fixed Cross-site scripting attacks. +------------------------------------------------------------------------+ Port name: linux-netscape6 Affected: versions < 6.2.3 Status: Fixed XMLHttpRequest allows reading of local files. +------------------------------------------------------------------------+ Port name: mnogosearch Affected: versions < mnogosearch-3.1.19_2 Status: Fixed Long query can be abused to execute code with webserver privileges. +------------------------------------------------------------------------+ Port name: mpg321 Affected: versions < mpg321-0.2.9 Status: Fixed Buffer overflow may allow remote attackers to execute arbitrary code via streaming data. +------------------------------------------------------------------------+ Port name: ssh2 Affected: all versions Status: Not fixed Password authentication may be used even if password authentication is disabled. +------------------------------------------------------------------------+ Port name: tinyproxy Affected: versions < tinyproxy-1.5.0 Status: Fixed Invalid query could allow execution of arbitrary code. +------------------------------------------------------------------------+ Port name: webmin Affected: versions < webmin-0.970 Status: Fixed Remote attacker can login to Webmin as any user. +------------------------------------------------------------------------+ III. Upgrading Ports/Packages To upgrade a fixed port/package, perform one of the following: 1) Upgrade your Ports Collection and rebuild and reinstall the port. Several tools are available in the Ports Collection to make this easier. See: /usr/ports/devel/portcheckout /usr/ports/misc/porteasy /usr/ports/sysutils/portupgrade 2) Deinstall the old package and install a new package obtained from [i386] ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-4-stable/All/ Packages are not automatically generated for other architectures at this time. +------------------------------------------------------------------------+ FreeBSD Security Notices are communications from the Security Officer intended to inform the user community about potential security issues, such as bugs in the third-party applications found in the Ports Collection, which will not be addressed in a FreeBSD Security Advisory. Feedback on Security Notices is welcome at . -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (FreeBSD) iQCVAwUBPPPEdFUuHi5z0oilAQFW8wP8CXG3dQyI5VPLp0m6frS4BtNtlkjOpq87 R/8FrDizVNGQ88+NzdPPPYWh8joAPGJZSXrWrSWKSge2dqEDK4CTpJ5BFzpQsxUZ kexaZ43DRxrUMQN1AWDyarE+/y8uCk3BnJTWhNLOf2HeOYNekOn/BHQ53ucpoaKs QQEX171+Jnk= =Z1i5 -----END PGP SIGNATURE----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message