From owner-freebsd-security@freebsd.org Mon Mar 9 14:32:27 2020 Return-Path: Delivered-To: freebsd-security@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 0E6A8263FCA for ; Mon, 9 Mar 2020 14:32:27 +0000 (UTC) (envelope-from cy.schubert@cschubert.com) Received: from smtp-out-no.shaw.ca (smtp-out-no.shaw.ca [64.59.134.12]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "Client", Issuer "CA" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 48bgfc4CKcz3QcY for ; Mon, 9 Mar 2020 14:32:24 +0000 (UTC) (envelope-from cy.schubert@cschubert.com) Received: from spqr.komquats.com ([70.67.125.17]) by shaw.ca with ESMTPA id BJS7jQqnWkqGXBJS8jRn2d; Mon, 09 Mar 2020 08:32:21 -0600 X-Authority-Analysis: v=2.3 cv=c/jVvi1l c=1 sm=1 tr=0 a=VFtTW3WuZNDh6VkGe7fA3g==:117 a=VFtTW3WuZNDh6VkGe7fA3g==:17 a=jpOVt7BSZ2e4Z31A5e1TngXxSK0=:19 a=IkcTkHD0fZMA:10 a=SS2py6AdgQ4A:10 a=bXeX1PwDAAAA:8 a=TWq6ZYQzAAAA:8 a=6I5d2MoRAAAA:8 a=YxBL1-UpAAAA:8 a=gWbQ5hvYUvsegHUX94YA:9 a=QEXdDO2ut3YA:10 a=kiV1RKKHogwA:10 a=5uQfOP5KVnhETi4VnffY:22 a=ELI009spOhp4_qEUuRHw:22 a=IjZwj45LgO3ly-622nXo:22 a=Ia-lj3WSrqcvXOmTRaiG:22 Received: from Resas-iPad.esitwifi.local (S0106788a207e2972.gv.shawcable.net [70.66.154.233]) by spqr.komquats.com (Postfix) with ESMTPSA id 6E11D452; Mon, 9 Mar 2020 07:32:18 -0700 (PDT) Date: Mon, 09 Mar 2020 06:49:54 -0700 User-Agent: K-9 Mail for Android In-Reply-To: <13df3361-87b6-c6c1-e79d-2bbdd0146518@quip.cz> References: <13df3361-87b6-c6c1-e79d-2bbdd0146518@quip.cz> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Subject: Re: Critical PPP Daemon Flaw To: freebsd-security@freebsd.org, Miroslav Lachman <000.fbsd@quip.cz>, freebsd security From: Cy Schubert Message-ID: <5FD9E59C-1B15-4B07-AA5E-1B6F40CBDD08@cschubert.com> X-CMAE-Envelope: MS4wfH+iNScSLsdIm+YP/tKI7w629l0bvmdpKXxBBg/o1DEhULAekX5+uy5iYhRIAt6CVQXM7/qj4016pv/JkrQ/wSAOz9YDSIk4lRlvfopTXR6kAFyzPaJr ePz2PdvL4mZ2jqRShqlpzGBFSsdMA+ZMdtjzUzioXoTencFPriK1NZ6AE0PZZiuJCwEdGlBQqjWwNcWz475WaZL/pILRlYao6tUvxov5Mfi+has4fAtw4gPH X-Rspamd-Queue-Id: 48bgfc4CKcz3QcY X-Spamd-Bar: ---- Authentication-Results: mx1.freebsd.org; dkim=none; spf=none (mx1.freebsd.org: domain of cy.schubert@cschubert.com has no SPF policy when checking 64.59.134.12) smtp.mailfrom=cy.schubert@cschubert.com X-Spamd-Result: default: False [-4.72 / 15.00]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; RECEIVED_SPAMHAUS_PBL(0.00)[233.154.66.70.khpj7ygk5idzvmvt5x4ziurxhy.zen.dq.spamhaus.net : 127.0.0.11,17.125.67.70.khpj7ygk5idzvmvt5x4ziurxhy.zen.dq.spamhaus.net : 127.0.0.11]; RCPT_COUNT_THREE(0.00)[3]; TO_DN_SOME(0.00)[]; RWL_MAILSPIKE_GOOD(0.00)[12.134.59.64.rep.mailspike.net : 127.0.0.18]; FROM_HAS_DN(0.00)[]; MIME_GOOD(-0.10)[text/plain]; RCVD_TLS_LAST(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; RCVD_COUNT_THREE(0.00)[3]; TO_MATCH_ENVRCPT_SOME(0.00)[]; NEURAL_HAM_MEDIUM(-0.99)[-0.993,0]; R_SPF_NA(0.00)[]; RCVD_IN_DNSWL_LOW(-0.10)[12.134.59.64.list.dnswl.org : 127.0.5.1]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:6327, ipnet:64.59.128.0/20, country:CA]; MID_RHS_MATCH_FROM(0.00)[]; IP_SCORE(-2.53)[ip: (-6.78), ipnet: 64.59.128.0/20(-3.24), asn: 6327(-2.53), country: CA(-0.09)]; FROM_EQ_ENVFROM(0.00)[] X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 09 Mar 2020 14:32:27 -0000 On March 9, 2020 4:23:10 AM PDT, Miroslav Lachman <000=2Efbsd@quip=2Ecz> wr= ote: >I don't know if FreeBSD is vulnerable or not=2E There are main Linux=20 >distros and NetBSD listed in the article=2E > >https://thehackernews=2Ecom/2020/03/ppp-daemon-vulnerability=2Ehtml > >The vulnerability, tracked as CVE-2020-8597 [1] with CVSS Score 9=2E8, >can=20 >be exploited by unauthenticated attackers to remotely execute arbitrary > >code on affected systems and take full control over them=2E > >[1] https://www=2Ekb=2Ecert=2Eorg/vuls/id/782301/ > >Kind regards >Miroslav Lachman >_______________________________________________ >freebsd-security@freebsd=2Eorg mailing list >https://lists=2Efreebsd=2Eorg/mailman/listinfo/freebsd-security >To unsubscribe, send any mail to >"freebsd-security-unsubscribe@freebsd=2Eorg" Probably not=2E Ours is a different codebase from NetBSD=2E I haven't look= ed at what Red Hat has, no comment about theirs=2E However it would be prud= ent to verify our pppd isn't also vulnerable=2E --=20 Pardon the typos and autocorrect, small keyboard in use=2E=20 Cy Schubert FreeBSD UNIX: Web: https://www=2EFreeBSD=2Eorg The need of the many outweighs the greed of the few=2E Sent from my Android device with K-9 Mail=2E Please excuse my brevity=2E