Date: Tue, 31 Oct 2000 09:11:01 +0100 From: Borja Marcos <borjamar@sarenet.es> To: security-advisories@freebsd.org, security@freebsd.org Subject: Re: FreeBSD Security Advisory: FreeBSD-SA-00:61.tcpdump Message-ID: <39FE7E95.60F46EB5@sarenet.es> References: <20001030231311.7642A37B680@hub.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
FreeBSD Security Advisories wrote: > > Several overflowable buffers were discovered in the version of tcpdump > included in FreeBSD, during internal source code auditing. Some > simply allow the remote attacker to crash the local tcpdump process, > but there is a more serious vulnerability in the decoding of AFS ACL > packets in the more recent version of tcpdump (tcpdump 3.5) included > in FreeBSD 4.0-RELEASE, 4.1-RELEASE and 4.1.1-RELEASE, which may allow > a remote attacker to execute arbitrary code on the local system > (usually root, since root privileges are required to run tcpdump). Something I love in FreeBSD: You don't need to be root. Just need permissions to access /dev/bpf?. Perhaps you could recommend running it as an ordinary user? The same can be said of argus, snort and other IDSs. Borja. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?39FE7E95.60F46EB5>