Date: Tue, 17 May 2005 15:25:36 +0200
From: "Simon L. Nielsen"
To: Jesper Wallin
cc: freebsd-security@freebsd.org
Subject: Re: About the vulnerabilities in tcpdump and gzip.
Message-ID: <20050517132535.GC15047@eddie.nitro.dk>
In-Reply-To: <4287B750.6050301@hackunite.net>

On 2005.05.15 22:55:44 +0200, Jesper Wallin wrote:

> About a week ago, right after 5.4-RELEASE was released, I received a
> mail from Gentoo Linux's security announcement list about a flaw in
> tcpdump and gzip. Since none of them are operating system related, I
> assumed a -p1 and -p2 of the 5.4-RELEASE. Instead, we got a patch for
> the HTT security issue so I wonder, is the FreeBSD version of tcpdump
> and/or gzip secured or simply forgotten/ignored?

I'm rather sure that FreeBSD is vulnerable to the tcpdump issue (since
I don't see any reason we should not be), but unfortunately the
proof-of-concept code does not work on FreeBSD, so I have not yet been
able to verify the problem. That said, an advisory is upcoming, but I
cannot give you a date yet. It should be noted that the tcpdump issue
is DoS, not remote code execution.

I do not know the status of the gzip issue, but I will look into it.

Both tcpdump and gzip issues are certainly not ignored, but preparing
an advisory (and all the related tasks) takes some time.

-- 
Simon L. Nielsen
FreeBSD Security Team