From owner-freebsd-security Mon May 13 7:29:14 2002 Delivered-To: freebsd-security@freebsd.org Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21]) by hub.freebsd.org (Postfix) with ESMTP id 3DACC37B409; Mon, 13 May 2002 07:28:30 -0700 (PDT) Received: (from jedgar@localhost) by freefall.freebsd.org (8.11.6/8.11.6) id g4DESUU29292; Mon, 13 May 2002 07:28:30 -0700 (PDT) (envelope-from security-advisories@FreeBSD.org) Date: Mon, 13 May 2002 07:28:30 -0700 (PDT) Message-Id: <200205131428.g4DESUU29292@freefall.freebsd.org> X-Authentication-Warning: freefall.freebsd.org: jedgar set sender to security-advisories@FreeBSD.org using -f From: FreeBSD Security Advisories To: FreeBSD Security Advisories Subject: FreeBSD Security Notice FreeBSD-SN-02:02 Reply-To: security-advisories@FreeBSD.org Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org -----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SN-02:02 Security Notice The FreeBSD Project Topic: security issues in ports Announced: 2002-05-13 I. Introduction Several ports in the FreeBSD Ports Collection are affected by security issues. These are listed below with references and affected versions. All versions given refer to the FreeBSD port/package version numbers. The listed vulnerabilities are not specific to FreeBSD unless otherwise noted. These ports are not installed by default, nor are they ``part of FreeBSD'' as such. The FreeBSD Ports Collection contains thousands of third-party applications in a ready-to-install format. FreeBSD makes no claim about the security of these third-party applications. See for more information about the FreeBSD Ports Collection. II. Ports +------------------------------------------------------------------------+ Port name: analog Affected: versions < analog-5.22 Status: Fixed Cross-site scripting attack. +------------------------------------------------------------------------+ Port name: ascend-radius, freeradius-devel, icradius, radius-basic, radiusclient, radiusd-cistron, xtradius Affected: versions < radiusd-cistron-1.6.6 all versions of ascend-radius, freeradius-devel, icradius, radius-basic, radiusclient Status: Fixed: radiusd-cistron Not fixed: all others Digest Calculation buffer overflow and/or insufficient validation of attribute lengths. +------------------------------------------------------------------------+ Port name: dnews Affected: versions < dnews-5.5h2 Status: Fixed ``Security fault.'' +------------------------------------------------------------------------+ Port name: ethereal Affected: versions < ethereal-0.9.3 Status: Fixed SNMP vulnerability: malformed SNMP packets may cause ethereal to crash. +------------------------------------------------------------------------+ Port name: icecast Affected: versions < icecast-1.3.12 Status: Fixed Directory traversal vulnerability. Remote attackers may cause a denial of service via a URL that ends in . (dot), / (forward slash), or \ (backward slash). Buffer overflows may allow remote attackers to execute arbitrary code or cause a denial of service. +------------------------------------------------------------------------+ Port name: isc-dhcp3 Affected: versions < dhcp-3.0.1.r8_1 Status: Fixed Format string vulnerability when logging DNS-update request transactions. +------------------------------------------------------------------------+ Port name: jdk, jdk12-beta Affected: all versions Status: Not fixed ``A vulnerability in the Java(TM) Runtime Environment may allow an untrusted applet to monitor requests to and responses from an HTTP proxy server when a persistent connection is used between a client and an HTTP proxy server.'' (Bulletin 216) +------------------------------------------------------------------------+ Port name: linux-mozilla, mozilla Affected: versions < linux-mozilla-0.9.9.2002050810 versions < mozilla-1.0.rc1_3,1 Status: Fixed Buffer overflow in Chatzilla. XMLHttpRequest allows reading of local files. +------------------------------------------------------------------------+ Port name: mod_python Affected: versions < mod_python-2.7.8 Status: Fixed A publisher may access an indirectly imported module allowing a remote attacker to call functions from that module. +------------------------------------------------------------------------+ Port name: ntop Affected: all versions Status: Not fixed ``Preauthentication Remote Root Hole in NTOP'' +------------------------------------------------------------------------+ Port name: p5-SOAP-Lite Affected: versions < p5-SOAP-Lite-0.55 Status: Fixed Client may call any procedure on server. +------------------------------------------------------------------------+ Port name: puf Affected: versions < puf-0.93.1 Status: Fixed Format string vulnerability in error output. +------------------------------------------------------------------------+ Port name: sudo Affected: versions < sudo-1.6.6 Status: Fixed Heap overflow may allow local users to gain root access. +------------------------------------------------------------------------+ Port name: webalizer Affected: versions < webalizer-2.1.10 Status: Fixed Buffer overflow in the DNS resolver code. +------------------------------------------------------------------------+ Port name: xpilot Affected: versions < xpilot-4.5.2 Status: Fixed Stack buffer overflow in server. +------------------------------------------------------------------------+ III. Upgrading Ports/Packages To upgrade a fixed port/packages, perform one of the following: 1) Upgrade your Ports Collection and rebuild and reinstall the port. Several tools are available in the Ports Collection to make this easier. See: /usr/ports/devel/portcheckout /usr/ports/misc/porteasy /usr/ports/sysutils/portupgrade 2) Deinstall the old package and install a new package obtained from [i386] ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-4-stable/All/ Packages are not automatically generated for other architectures at this time. +------------------------------------------------------------------------+ FreeBSD Security Notices are communications from the Security Officer intended to inform the user community about potential security issues, such as bugs in the third-party applications found in the Ports Collection, which will not be addressed in a FreeBSD Security Advisory. Feedback on Security Notices is welcome at . -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (FreeBSD) Comment: FreeBSD: The Power To Serve iQCVAwUBPN/CwlUuHi5z0oilAQERywP/dSqt97FPlLlDJE7tYpA5625FSjqbrWod KsoKIBHM2ZIHAjnhAyF82tUT4ivMvJwepk1NE+W9YX77K7n5LHkfqY4kzCaVZJrY gkaR63Dw+M5gqJ5FjO0RkSDxsltsKjSa6ZzKxWdAeRwDPbE7CwsjTI2AoS/kzaLw ex+PhdbYjbc= =fK1t -----END PGP SIGNATURE----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message