From owner-freebsd-security Wed Jan 15 08:37:14 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.4/8.8.4) id IAA09987 for security-outgoing; Wed, 15 Jan 1997 08:37:14 -0800 (PST) Received: from postoffice.cso.uiuc.edu (postoffice.cso.uiuc.edu [128.174.5.11]) by freefall.freebsd.org (8.8.4/8.8.4) with SMTP id IAA09981; Wed, 15 Jan 1997 08:37:09 -0800 (PST) Received: from alecto.physics.uiuc.edu (alecto.physics.uiuc.edu [128.174.83.167]) by postoffice.cso.uiuc.edu (8.6.12/8.6.12) with ESMTP id KAA16134; Wed, 15 Jan 1997 10:37:06 -0600 Received: by alecto.physics.uiuc.edu (940816.SGI.8.6.9/940406.SGI) id KAA21934; Wed, 15 Jan 1997 10:34:49 -0600 From: igor@alecto.physics.uiuc.edu (Igor Roshchin) Message-Id: <199701151634.KAA21934@alecto.physics.uiuc.edu> Subject: Re: BoS: serious security bug in wu-ftpd v2.4 -- PATCH (fwd) To: security@FreeBSD.ORG, owner-security@FreeBSD.ORG Date: Wed, 15 Jan 1997 10:34:49 -0600 (CST) X-Mailer: ELM [version 2.4 PL24] Content-Type: text Sender: owner-security@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk Sorry for probably a lame question: Is this a new security hole, or something which has been patched for FreeBSD ? Any comment on this ? BTW, what is the FreeBSD team's "official" point of view concerning the Academ-branch of wu-ftpd ? Thanks, IgoR aka StR Forwarded message: >From owner-bugtraq@NETSPACE.ORG Tue Jan 14 17:45:23 1997 Approved-By: ALEPH1@UNDERGROUND.ORG X-Sender: hpj@tide.globecom.net MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=ISO-8859-1 Content-Transfer-Encoding: QUOTED-PRINTABLE Approved-By: Henrik P Johnson Message-ID: Date: Sun, 12 Jan 1997 19:56:01 +0100 Reply-To: Henrik P Johnson Sender: Bugtraq List From: Henrik P Johnson Subject: Re: BoS: serious security bug in wu-ftpd v2.4 -- PATCH X-To: Dave Kinchlea To: Multiple recipients of list BUGTRAQ In-Reply-To: Below comes an hopefully improved version of the sigfix.c file to fix w= u-ftp. This will block signals while within crusial parts of the FTP server, y= et the signals will occur after the resumesigs is called. I have no idea of ho= w portable this may or may not be, but it seems to work on HP, OSF, linux= and Solaris. Otherwise the patch as supplied by Dave Kinchlea should be applied. /* ######################### sigfix.c #################################= */ void #ifdef __STDC__ suspendsigs(void) #else suspendsigs() #endif { sigset_t sset=3D0; #ifdef SIGPIPE sset=3DSIGPIPE; #endif #ifdef SIGURG sset|=3DSIGURG; #endif sigprocmask(SIG_BLOCK,&sset,NULL); } void #ifdef __STDC__ resumesigs(void) #else reseumesigs() #endif { sigset_t sset=3D0; #ifdef SIGPIPE sset=3DSIGPIPE; #endif #ifdef SIGURG sset|=3DSIGURG; #endif sigprocmask(SIG_UNBLOCK,&sset,NULL); } =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D Henrik P Johnson Tel: +46-(0)31-812091 Eklandaga= tan 41a GlobeCom Network GSM: +46-(0)70-5409924 41261 G= =F6teborg IRC: [TC] FAX: +46-(0)31-208460 = Sweden E-Mail: king@globecom.net king@one.se, hpj@etek.chalmers.se, hpj@tjh.se= ... etc =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D Nice site: http://www.underscore.se/sj (Swedish)