From owner-freebsd-security Thu Mar 28 7: 0:39 2002 Delivered-To: freebsd-security@freebsd.org Received: from point.osg.gov.bc.ca (point.osg.gov.bc.ca [142.32.102.44]) by hub.freebsd.org (Postfix) with ESMTP id C5DCA37B417 for ; Thu, 28 Mar 2002 07:00:34 -0800 (PST) Received: (from daemon@localhost) by point.osg.gov.bc.ca (8.8.7/8.8.8) id HAA23443; Thu, 28 Mar 2002 07:00:02 -0800 Received: from passer.osg.gov.bc.ca(142.32.110.29) via SMTP by point.osg.gov.bc.ca, id smtpda23429; Thu Mar 28 06:59:53 2002 Received: (from uucp@localhost) by passer.osg.gov.bc.ca (8.11.6/8.9.1) id g2SExmN52954; Thu, 28 Mar 2002 06:59:48 -0800 (PST) Received: from UNKNOWN(10.1.2.1), claiming to be "cwsys.cwsent.com" via SMTP by passer9.cwsent.com, id smtpdS52949; Thu Mar 28 06:59:03 2002 Received: (from uucp@localhost) by cwsys.cwsent.com (8.11.6/8.9.1) id g2SEx3p66464; Thu, 28 Mar 2002 06:59:03 -0800 (PST) Message-Id: <200203281459.g2SEx3p66464@cwsys.cwsent.com> Received: from localhost.cwsent.com(127.0.0.1), claiming to be "cwsys" via SMTP by localhost.cwsent.com, id smtpdN66453; Thu Mar 28 06:58:33 2002 X-Mailer: exmh version 2.5 07/13/2001 with nmh-1.0.4 Reply-To: Cy Schubert - CITS Open Systems Group From: Cy Schubert - CITS Open Systems Group X-Sender: schubert To: Brett Glass Cc: security@FreeBSD.ORG Subject: Re: Is FreeBSD susceptible to this vulnerability? In-Reply-To: Message from Brett Glass of "Thu, 28 Mar 2002 07:31:03 MST." <4.3.2.7.2.20020328072932.03228b20@nospam.lariat.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Thu, 28 Mar 2002 06:58:33 -0800 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org In message <4.3.2.7.2.20020328072932.03228b20@nospam.lariat.org>, Brett Glass w rites: > Apparently, several UNIX-like operating systems can be penetrated via > XDMCP/UDP; see > > http://www.procheckup.com/security_info/vuln_pr0208.html > > Is FreeBSD vulnerable? What about the other BSDs? This is not specifically a *BSD problem. Looking at the default Xaccess that is shipped with the XFree86-4 port this is not a problem for this particular port. Regards, Phone: (250)387-8437 Cy Schubert Fax: (250)387-5766 Team Leader, Sun/Alpha Team Email: Cy.Schubert@osg.gov.bc.ca Open Systems Group, CITS Ministry of Management Services Province of BC FreeBSD UNIX: cy@FreeBSD.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message