Date: Fri, 14 Jul 2000 21:06:33 -0500 From: Dave McKay <dave@mu.org> To: FreeBSD Security <freebsd_security@hotmail.com> Cc: freebsd-security@freebsd.org Subject: Re: FreeBSD User Security Advisory: FreeBSD-SA-00:BG Message-ID: <20000714210633.A16306@elvis.mu.org> In-Reply-To: <20000715011400.49832.qmail@hotmail.com>; from freebsd_security@hotmail.com on Sat, Jul 15, 2000 at 01:14:00AM %2B0000 References: <20000715011400.49832.qmail@hotmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Account being canceled at this moment. FreeBSD Security (freebsd_security@hotmail.com) wrote: > -----BEGIN PGP SIGNED MESSAGE----- > > ============================================================================= > FreeBSD-SA-00:BG Security Advisory > FreeBSD, > Inc. > > Topic: The Brett Glass user can DOS the FreeBSD mailing lists. > > Category: user > Module: Brett Glass > Announced: 2000-07-14 > Affects: Mailing lists > Corrected: 2000-07-14 > Vendor status: Patch released > FreeBSD only: Yes > > I. Background > > The Brett Glass user is an active participant in various FreeBSD > mailing lists. > > II. Problem Description > > The FreeBSD mailing lists are a vital part of the FreeBSD community > and are the primary means by which many users obtain support and > exchange important information. > > A mailing list participant named Brett Glass has been in recent > weeks posting crack smoking ideas to the lists generating a lot of > noise and rendering the mailing lists next to useless as a means > of obtaining support and exchanging information. In other words, > causing a Denial Of Service. > > The Brett Glass user is not installed by default, nor is it "part > of FreeBSD" as such: it is part of the FreeBSD mailing lists, which > are a publicly available resource. > > FreeBSD makes no claim about the benefits of having certain users > participate in the mailing list discussions. > > Note, Linux mailing lists are thought not to be vulnerable due to > the license under which Linux is covered. The Brett Glass user > seems to avoid software distributed under the GPL. > > III. Impact > > Posts from the Brett Glass user can cause readers to miss vital > information contained in some posts. It also has the effect of > driving away some of the critical participants in the mailing lists. > > IV. Workaround > > Use your mail reader, or procmail, to filter all posts from the Brett > Glass user. > > V. Solution > > Add the following to your procmail filter: > > :0 > * ^From: brett@lariat\.org > /dev/null > > -----BEGIN PGP SIGNATURE----- > Version: 2.6.2 > > iQCVAwUBOW+p97KP7aiUpF5FAQGy3AP/UEfoMb6C6IjUnXPe6prdSDMzOTlqcmYA > vquAomCIfTLbGaFkWsZL64xXSE0mfs5/X8LoubBi75RhnQ/TMYvE9GTMDIuUn6As > lI3lL0wiQoAr0TX2R6TiPMvQK7JisvcoYr9NUWkXG8BuwZ1c+RKBgzgEseVP4UU/ > y3lsjiEL3F0= > =daPy > -----END PGP SIGNATURE----- > > ________________________________________________________________________ > Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message -- Dave McKay Network Engineer - Google Inc. dave@mu.org - dave@google.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000714210633.A16306>