From owner-freebsd-ports-bugs@FreeBSD.ORG Fri Mar 4 21:10:09 2011 Return-Path: Delivered-To: freebsd-ports-bugs@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 60A961065672 for ; Fri, 4 Mar 2011 21:10:09 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 23C798FC15 for ; Fri, 4 Mar 2011 21:10:09 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.4/8.14.4) with ESMTP id p24LA9YO055573 for ; Fri, 4 Mar 2011 21:10:09 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.4/8.14.4/Submit) id p24LA8wW055572; Fri, 4 Mar 2011 21:10:09 GMT (envelope-from gnats) Resent-Date: Fri, 4 Mar 2011 21:10:09 GMT Resent-Message-Id: <201103042110.p24LA8wW055572@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-ports-bugs@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, Vova Glas Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 7BEB31065670 for ; Fri, 4 Mar 2011 21:04:06 +0000 (UTC) (envelope-from nobody@FreeBSD.org) Received: from red.freebsd.org (red.freebsd.org [IPv6:2001:4f8:fff6::22]) by mx1.freebsd.org (Postfix) with ESMTP id 6A7878FC17 for ; Fri, 4 Mar 2011 21:04:06 +0000 (UTC) Received: from red.freebsd.org (localhost [127.0.0.1]) by red.freebsd.org (8.14.4/8.14.4) with ESMTP id p24L46gF066282 for ; Fri, 4 Mar 2011 21:04:06 GMT (envelope-from nobody@red.freebsd.org) Received: (from nobody@localhost) by red.freebsd.org (8.14.4/8.14.4/Submit) id p24L46fE066281; Fri, 4 Mar 2011 21:04:06 GMT (envelope-from nobody) Message-Id: <201103042104.p24L46fE066281@red.freebsd.org> Date: Fri, 4 Mar 2011 21:04:06 GMT From: Vova Glas To: freebsd-gnats-submit@FreeBSD.org X-Send-Pr-Version: www-3.1 Cc: Subject: ports/155275: ports-mgmt/portaudit does not report installed vulnerable packages X-BeenThere: freebsd-ports-bugs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Ports bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 04 Mar 2011 21:10:09 -0000 >Number: 155275 >Category: ports >Synopsis: ports-mgmt/portaudit does not report installed vulnerable packages >Confidential: no >Severity: serious >Priority: medium >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Fri Mar 04 21:10:08 UTC 2011 >Closed-Date: >Last-Modified: >Originator: Vova Glas >Release: 7.3-RELEASE-p4 >Organization: >Environment: FreeBSD boo.iga.home 7.3-RELEASE-p3 FreeBSD 7.3-RELEASE-p3 #14: Thu Nov 4 13:22:35 CET 2010 root@boo.iga.home:/usr/src/sys/i386/compile/boo73 i386 >Description: Vulnerable asterisk package is not reported: $ pkg_info | grep asterisk-1 asterisk-1.4.29_4 An Open Source PBX and telephony toolkit $ portaudit -d Database created: Fri Mar 4 21:00:01 CET 2011 $ portaudit -a Affected package: php52-5.2.17 Type of problem: php -- NULL byte poisoning. Reference: http://portaudit.FreeBSD.org/3761df02-0f9c-11e0-becc-0022156e8794.html 1 problem(s) in your installed packages found. You are advised to update or deinstall the affected package(s) immediately. $ gzcat /var/db/portaudit/auditfile.tbz | strings | grep asterisk14 asterisk14>1.4.*<1.4.39.2|http://portaudit.FreeBSD.org/65d16342-3ec8-11e0-9df7-001c42d23634.html|asterisk -- Exploitable Stack and Heap Array Overflows asterisk14>1.4.*<1.4.39.1|http://portaudit.FreeBSD.org/5ab9fb2a-23a5-11e0-a835-0003ba02bf30.html|asterisk -- Exploitable Stack Buffer Overflow as I can see the asterisk-1.4.29_4 must be reported as affected >How-To-Repeat: $ echo asterisk-1.4.29_4 | portaudit -f - 0 problem(s) found. >Fix: >Release-Note: >Audit-Trail: >Unformatted: