From owner-freebsd-security Mon Nov 13 22:10:16 2000 Delivered-To: freebsd-security@freebsd.org Received: from citusc17.usc.edu (citusc17.usc.edu [128.125.38.177]) by hub.freebsd.org (Postfix) with ESMTP id 8286537B479 for ; Mon, 13 Nov 2000 22:10:14 -0800 (PST) Received: (from kris@localhost) by citusc17.usc.edu (8.11.1/8.11.1) id eAE6BUY15719; Mon, 13 Nov 2000 22:11:30 -0800 (PST) (envelope-from kris) Date: Mon, 13 Nov 2000 22:11:30 -0800 From: Kris Kennaway To: Trevor Johnson Cc: security@FreeBSD.ORG Subject: Re: FreeBSD Security Advisory: FreeBSD-SA-00:68.ncurses Message-ID: <20001113221129.A15599@citusc17.usc.edu> References: <20001113235453.B39D637B479@hub.freebsd.org> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-md5; protocol="application/pgp-signature"; boundary="TB36FDmn/VVEgNH/" Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: ; from trevor@jpj.net on Mon, Nov 13, 2000 at 10:56:55PM -0500 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org --TB36FDmn/VVEgNH/ Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mon, Nov 13, 2000 at 10:56:55PM -0500, Trevor Johnson wrote: > This advisory would be better with a little more information: >=20 > - it doesn't mention that systems with telnetd linked against a vulnerable > version of ncurses are susceptible to a remote DoS that doesn't require > the attacker to remain connected (described to me by Esa Etelavuori > and confirmed on my 4.1.1-R and 5.0-S systems). This is a separate advisory under preparation, since it's really a separate problem. > - it doesn't mention that the devel/ncurses port, until 2000-11-10, > installed a reportedly vulnerable version of the library. Oops, that was an oversight. > - it doesn't mention the report by venglin of > problems with 3.x (http://www.securityfocus.com/advisories/2269). I haven't been able to confirm it (and fixing it in 3.x is going to be something of a pain) - I haven't got any 3.x machines to test on. Actually I had something in a previous revision of the advisory which contained stronger language but I toned it down and unintentionally made it sound like we didn't know the problem had been reported. I'll probably update this tomorrow..thanks for the feedback. Kris --TB36FDmn/VVEgNH/ Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (FreeBSD) Comment: For info see http://www.gnupg.org iEYEARECAAYFAjoQ15EACgkQWry0BWjoQKXhRQCdGcw69BAKVYsuTefxlnLTI8nI d7AAn3M7hU0VolNbgDsjoh/HXomrtJzl =xx6c -----END PGP SIGNATURE----- --TB36FDmn/VVEgNH/-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message