Date:      Tue, 17 May 2005 15:25:36 +0200
From:      "Simon L. Nielsen" <simon@FreeBSD.org>
To:        Jesper Wallin <jesper@hackunite.net>
Cc:        freebsd-security@freebsd.org
Subject:   Re: About the vulnerabilities in tcpdump and gzip.
Message-ID:  <20050517132535.GC15047@eddie.nitro.dk>
In-Reply-To: <4287B750.6050301@hackunite.net>
References:  <4287B750.6050301@hackunite.net>


On 2005.05.15 22:55:44 +0200, Jesper Wallin wrote:

> About a week ago, right after 5.4-RELEASE was released, I received a
> mail from Gentoo Linux's security announcement list about a flaw in
> tcpdump and gzip. Since none of them are operating system related, I
> assumed a -p1 and -p2 of the 5.4-RELEASE. Instead, we got a patch for
> the HTT security issue so I wonder, is the FreeBSD version of tcpdump
> and/or gzip secured or simply forgotten/ignored?

I'm rather sure that FreeBSD is vulnerable to the tcpdump issue (since
I don't see any reason we should not be), but unfortunately the
proof-of-concept code does not work on FreeBSD, so I have not yet been
able to verify the problem.  That said, an advisory is upcoming, but
I cannot give you a date yet.

It should be noted that the tcpdump issue is DoS, not remote code
execution.

I do not know the status of the gzip issue, but I will look into it.

Both tcpdump and gzip issues are certainly not ignored, but preparing
an advisory (and all the related tasks) takes some time.

-- 
Simon L. Nielsen
FreeBSD Security Team



