Date: Fri, 14 Jul 2000 19:18:34 -0600 (MDT) From: "Jonathan M. Slivko" <jslivko@simphost.com> To: FreeBSD Security <freebsd_security@hotmail.com> Cc: freebsd-security@freebsd.org Subject: Re: FreeBSD User Security Advisory: FreeBSD-SA-00:BG Message-ID: <Pine.BSF.4.21.0007141918120.14789-100000@alpha.simphost.com> In-Reply-To: <20000715011400.49832.qmail@hotmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
I wouldn't appreciate this if I were him. Just think if it happened to you? ________________________________________________ Jonathan M. Slivko <jslivko@simphost.com> Technical Support: Simple Hosting Solutions Website: http://www.simphost.com, check us out! "The statements I make are not the statements of my employer!" -- Jonathan M. Slivko ________________________________________________ On Sat, 15 Jul 2000, FreeBSD Security wrote: > -----BEGIN PGP SIGNED MESSAGE----- > > ============================================================================= > FreeBSD-SA-00:BG Security Advisory > FreeBSD, > Inc. > > Topic: The Brett Glass user can DOS the FreeBSD mailing lists. > > Category: user > Module: Brett Glass > Announced: 2000-07-14 > Affects: Mailing lists > Corrected: 2000-07-14 > Vendor status: Patch released > FreeBSD only: Yes > > I. Background > > The Brett Glass user is an active participant in various FreeBSD > mailing lists. > > II. Problem Description > > The FreeBSD mailing lists are a vital part of the FreeBSD community > and are the primary means by which many users obtain support and > exchange important information. > > A mailing list participant named Brett Glass has been in recent > weeks posting crack smoking ideas to the lists generating a lot of > noise and rendering the mailing lists next to useless as a means > of obtaining support and exchanging information. In other words, > causing a Denial Of Service. > > The Brett Glass user is not installed by default, nor is it "part > of FreeBSD" as such: it is part of the FreeBSD mailing lists, which > are a publicly available resource. > > FreeBSD makes no claim about the benefits of having certain users > participate in the mailing list discussions. > > Note, Linux mailing lists are thought not to be vulnerable due to > the license under which Linux is covered. The Brett Glass user > seems to avoid software distributed under the GPL. > > III. Impact > > Posts from the Brett Glass user can cause readers to miss vital > information contained in some posts. It also has the effect of > driving away some of the critical participants in the mailing lists. > > IV. Workaround > > Use your mail reader, or procmail, to filter all posts from the Brett > Glass user. > > V. Solution > > Add the following to your procmail filter: > > :0 > * ^From: brett@lariat\.org > /dev/null > > -----BEGIN PGP SIGNATURE----- > Version: 2.6.2 > > iQCVAwUBOW+p97KP7aiUpF5FAQGy3AP/UEfoMb6C6IjUnXPe6prdSDMzOTlqcmYA > vquAomCIfTLbGaFkWsZL64xXSE0mfs5/X8LoubBi75RhnQ/TMYvE9GTMDIuUn6As > lI3lL0wiQoAr0TX2R6TiPMvQK7JisvcoYr9NUWkXG8BuwZ1c+RKBgzgEseVP4UU/ > y3lsjiEL3F0= > =daPy > -----END PGP SIGNATURE----- > > ________________________________________________________________________ > Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0007141918120.14789-100000>