Date:      Mon, 30 Oct 2000 17:45:08 -0800
From:      Kris Kennaway <kris@FreeBSD.ORG>
To:        Dima Dorfman <dima@unixfreak.org>
Cc:        freebsd-security@FreeBSD.ORG
Subject:   Re: FreeBSD Security Advisory: FreeBSD-SA-00:58.chpass
Message-ID:  <20001030174508.A15508@citusc17.usc.edu>
In-Reply-To: <20001030235755.CB3A21F27@static.unixfreak.org>; from dima@unixfreak.org on Mon, Oct 30, 2000 at 03:57:55PM -0800
References:  <20001030231153.B618B37B4CF@hub.freebsd.org> <20001030235755.CB3A21F27@static.unixfreak.org>

On Mon, Oct 30, 2000 at 03:57:55PM -0800, Dima Dorfman wrote:
> [ PGP not available, raw data follows ]
> > -----BEGIN PGP SIGNED MESSAGE-----
> >
> > =============================================================================
> > FreeBSD-SA-00:58                                           Security Advisory
> >                                                                 FreeBSD, Inc.
> >
> > Topic:          chpass family contains local root vulnerability
> >
> > Category:       core
> > Module:         chfn/chpass/chsh/ypchfn/ypchpass/ypchsh/passwd
>
> Forgive my ignorance, but I fail to see how 'passwd' is vulnerable.
> Yes, it does link with the affected file (pw_util.c), and calls the
> affected function (pw_error()), but, as far as I can tell, it never
> calls it with any parameters which can be controlled by the user.

Fair enough, I added this at the last minute to be sure without really
checking. Better to have someone upgrade something that isn't actually
a security risk than leave a vulnerable binary lying around.

Kris
