From owner-freebsd-security  Thu Mar 28  7: 4: 9 2002
Delivered-To: freebsd-security@freebsd.org
Received: from gw.nectar.cc (gw.nectar.cc [208.42.49.153])
	by hub.freebsd.org (Postfix) with ESMTP id 3C1E237B431
	for <security@FreeBSD.ORG>; Thu, 28 Mar 2002 07:03:28 -0800 (PST)
Received: from madman.nectar.cc (madman.nectar.cc [10.0.1.111])
	by gw.nectar.cc (Postfix) with ESMTP
	id CBF6154; Thu, 28 Mar 2002 09:03:25 -0600 (CST)
Received: (from nectar@localhost)
	by madman.nectar.cc (8.11.6/8.11.6) id g2SF3PI01845;
	Thu, 28 Mar 2002 09:03:25 -0600 (CST)
	(envelope-from nectar)
Date: Thu, 28 Mar 2002 09:03:25 -0600
From: "Jacques A. Vidrine" <nectar@FreeBSD.ORG>
To: Brett Glass <brett@lariat.org>
Cc: security@FreeBSD.ORG
Subject: Re: Is FreeBSD susceptible to this vulnerability?
Message-ID: <20020328150325.GB1421@madman.nectar.cc>
References: <4.3.2.7.2.20020328072932.03228b20@nospam.lariat.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <4.3.2.7.2.20020328072932.03228b20@nospam.lariat.org>
User-Agent: Mutt/1.3.27i
X-Url: http://www.nectar.cc/
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

On Thu, Mar 28, 2002 at 07:31:03AM -0700, Brett Glass wrote:
> Apparently, several UNIX-like operating systems can be penetrated via 
> XDMCP/UDP; see
> 
> http://www.procheckup.com/security_info/vuln_pr0208.html
> 
> Is FreeBSD vulnerable? What about the other BSDs?

No, and this isn't exactly a `vulnerability'.  It is an insecure
default configuration.  This ``advisory'' is mostly a marketing ploy
for this ProCheckUp tool.

This is ancient issue.  I really don't get their `Comment' --- this
has been an administration issue since XDMCP existed (decades).  You
can find your `Xaccess' file in /etc/X11/xdm/Xaccess or
/usr/X11R6/lib/X11/xdm/Xaccess.  By default, XFree86 does not allow
remote hosts.

Of course, this only applies if you are running xdm.  You have to turn
xdm on yourself --- it is not on by default.

Note that wdm, gdm, and kdm have their own Xaccess files (IIRC), and
these have to be checked also if you are running them (duh).


Cheers,
-- 
Jacques A. Vidrine <n@nectar.cc>                 http://www.nectar.cc/
NTT/Verio SME          .     FreeBSD UNIX     .       Heimdal Kerberos
jvidrine@verio.net     .  nectar@FreeBSD.org  .          nectar@kth.se

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message