From owner-freebsd-security Mon Jan 20 13:39:47 2003 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 965CB37B401 for ; Mon, 20 Jan 2003 13:39:43 -0800 (PST) Received: from sccrmhc01.attbi.com (sccrmhc01.attbi.com [204.127.202.61]) by mx1.FreeBSD.org (Postfix) with ESMTP id D3B6A43EB2 for ; Mon, 20 Jan 2003 13:39:42 -0800 (PST) (envelope-from crist.clark@attbi.com) Received: from blossom.cjclark.org (12-234-89-252.client.attbi.com[12.234.89.252]) by sccrmhc01.attbi.com (sccrmhc01) with ESMTP id <2003012021393600100hngf3e>; Mon, 20 Jan 2003 21:39:36 +0000 Received: from blossom.cjclark.org (localhost. [127.0.0.1]) by blossom.cjclark.org (8.12.6/8.12.3) with ESMTP id h0KLdWeq035248; Mon, 20 Jan 2003 13:39:32 -0800 (PST) (envelope-from crist.clark@attbi.com) Received: (from cjc@localhost) by blossom.cjclark.org (8.12.6/8.12.6/Submit) id h0KLdUei035247; Mon, 20 Jan 2003 13:39:30 -0800 (PST) X-Authentication-Warning: blossom.cjclark.org: cjc set sender to crist.clark@attbi.com using -f Date: Mon, 20 Jan 2003 13:39:30 -0800 From: "Crist J. Clark" To: David Bell Cc: freebsd-security@freebsd.org Subject: Re: Vulnerability Note VU#412115 Message-ID: <20030120213930.GA34751@blossom.cjclark.org> Reply-To: "Crist J. Clark" References: <5.2.0.9.2.20030120075839.021bfec8@mail.servplex.com> <3E2C05F2.7080208@borderware.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <3E2C05F2.7080208@borderware.com> User-Agent: Mutt/1.4i X-URL: http://people.freebsd.org/~cjc/ Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Mon, Jan 20, 2003 at 09:21:38AM -0500, David Bell wrote: > > Is FreeBSD vulnerable to the following, and if so is it being addressed? > > http://www.kb.cert.org/vuls/id/412115 Yes, many FreeBSD network drivers display this behavior. If you followed any of the later discussion by the authors on several mailing lists, FreeBSD was one of many OSes on which they duplicated the problem. As for whether the "vulnerability" is being addressed, this issue has been known about for a long, long time, but has never been regarded as a priority. The real security exposure here is quite small. The cost of potentially breaking stuff and hurting performance has never been seen to be worth the effort of a sweep. I personally am not aware of a concerted effort to go through all of the Ethernet drivers to zero out extra memory, but someone may be doing it... It's a bit of a PITA and there is not a whole lot the Project can do about binary-only drivers supplied by some vendors. -- Crist J. Clark | cjclark@alum.mit.edu | cjclark@jhu.edu http://people.freebsd.org/~cjc/ | cjc@freebsd.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message