From owner-freebsd-security Mon May 22 21:33:29 2000
Delivered-To: freebsd-security@freebsd.org
Received: from lariat.org (lariat.org [12.23.109.2])
    by hub.freebsd.org (Postfix) with ESMTP id 1CFE937B9D9
    for ; Mon, 22 May 2000 21:33:27 -0700 (PDT)
    (envelope-from brett@lariat.org)
Received: from mustang.lariat.org (IDENT:ppp0.lariat.org@lariat.org [12.23.109.2])
    by lariat.org (8.9.3/8.9.3) with ESMTP id WAA18625;
    Mon, 22 May 2000 22:32:54 -0600 (MDT)
Message-Id: <4.3.1.2.20000522222344.00dd2870@localhost>
X-Sender: brett@localhost
X-Mailer: QUALCOMM Windows Eudora Version 4.3.1
Date: Mon, 22 May 2000 22:32:49 -0600
To: Warner Losh, Fernando Schapachnik
From: Brett Glass
Subject: Re: The procfs Hole in 2.2.8-STABLE?
Cc: cjclark@home.com, freebsd-security@FreeBSD.ORG
In-Reply-To: <200005230344.VAA99816@harmony.village.org>
References: <200005230126.WAA02250@ns1.via-net-works.net.ar>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

At 09:44 PM 5/22/2000, Warner Losh wrote:

>Generally speaking, if the advisory doesn't mention the version of
>freebsd you are interested in, then the bug is likely still in that
>version. Also, there have been several DoS bugs that people have
>written exploits for after bugs were corrected in FreeBSD. Not all of
>these have had advisories since some of them have come along months or
>years after the bug fix.

As far as I know, the only remote exploits for 2.2.8 itself are DoS
attacks, not root exploits. However, there ARE root exploits for some
of the ported third-party daemons that were included with that release.
Make sure that key daemons such as Apache, BIND, SSH, QPopper, etc. are
updated and that unnecessary services are shut down. You should then be
OK.

The biggest stability problems in 2.2.8 have to do with problems in
some of the old PCI and ATAPI code. (On some machines, it was necessary
to compile with the ATAPI_STATIC option and remove the PCI driver to
make the system stable, as I learned the hard way.)

I administer very few systems that still run 2.2.8, but there are some.
They're small-memory systems that would have trouble with the larger
kernels generated by later versions.

--Brett Glass