Security Exploits found in FreeBSD 4.10's ports tree.
Stijn Hoop
stijn at win.tue.nl
Wed Dec 15 23:10:16 PST 2004
On Thu, Dec 16, 2004 at 07:40:42AM +0100, Lupe Christoph wrote:
> On Wednesday, 2004-12-15 at 17:03:59 -0800, Pedro F. Giffuni wrote:
> > This made it to Slashdot today,
>
> I can't find anything resembling this on Slashdot. Can you please
> provide a link to the article?
http://it.slashdot.org/it/04/12/15/2113202.shtml?tid=172&tid=146&tid=128&tid=130&tid=1&tid=106
Apparently a lot of vulnerabilities were found by a class of DJB's students.
> > but what they didn't mention is that the
> > xploits were found in FreeBSD 4.10's ports tree (at least the few that I've
> > checked):
Well the exploits are in the software itself, as far as I can determine,
so yes, of course they will also be in the ports tree.
> > http://tigger.uic.edu/~jlongs2/holes/
>
> A traceroute to tigger.uic.edu fails after 31-35.gw.uic.edu
> (128.248.246.174).
It appears to be slashdotted.
--Stijn
--
Man had always assumed that he was more intelligent than dolphins because
he had achieved so much... the wheel, New York, wars, and so on, whilst
all the dolphins had ever done was muck about in the water having a good
time. But conversely the dolphins believed themselves to be more intelligent
than man for precisely the same reasons.
-- Douglas Adams, "The Hitchhikers Guide To The Galaxy"
More information about the freebsd-ports
mailing list