FreeBSD Security Notice FreeBSD-SN-02:02
FreeBSD Security Advisories
security-advisories at FreeBSD.org
Mon May 13 07:28:48 PDT 2002
-----BEGIN PGP SIGNED MESSAGE-----
=============================================================================
FreeBSD-SN-02:02 Security Notice
The FreeBSD Project
Topic: security issues in ports
Announced: 2002-05-13
I. Introduction
Several ports in the FreeBSD Ports Collection are affected by security
issues. These are listed below with references and affected versions.
All versions given refer to the FreeBSD port/package version numbers.
The listed vulnerabilities are not specific to FreeBSD unless
otherwise noted.
These ports are not installed by default, nor are they ``part of
FreeBSD'' as such. The FreeBSD Ports Collection contains thousands of
third-party applications in a ready-to-install format. FreeBSD makes
no claim about the security of these third-party applications. See
<URL:http://www.freebsd.org/ports/> for more information about the
FreeBSD Ports Collection.
II. Ports
+------------------------------------------------------------------------+
Port name: analog
Affected: versions < analog-5.22
Status: Fixed
Cross-site scripting attack.
<URL:http://www.analog.cx/security4.html>
+------------------------------------------------------------------------+
Port name: ascend-radius, freeradius-devel, icradius, radius-basic,
radiusclient, radiusd-cistron, xtradius
Affected: versions < radiusd-cistron-1.6.6
all versions of ascend-radius, freeradius-devel, icradius,
radius-basic, radiusclient
Status: Fixed: radiusd-cistron
Not fixed: all others
Digest Calculation buffer overflow and/or insufficient validation of
attribute lengths.
<URL:http://www.security.nnov.ru/advisories>
+------------------------------------------------------------------------+
Port name: dnews
Affected: versions < dnews-5.5h2
Status: Fixed
``Security fault.''
<URL:http://netwinsite.com/cgi/dnewsweb.cgi?cmd=article&group=netwin.dnews&item=7223&utag=>
+------------------------------------------------------------------------+
Port name: ethereal
Affected: versions < ethereal-0.9.3
Status: Fixed
SNMP vulnerability: malformed SNMP packets may cause ethereal to crash.
<URL:http://www.ethereal.com/appnotes/enpa-sa-00003.html>
+------------------------------------------------------------------------+
Port name: icecast
Affected: versions < icecast-1.3.12
Status: Fixed
Directory traversal vulnerability.
Remote attackers may cause a denial of service via a URL that ends in
. (dot), / (forward slash), or \ (backward slash).
Buffer overflows may allow remote attackers to execute arbitrary code or
cause a denial of service.
<URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0784>
<URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-1083>
<URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-1229>
<URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-1230>
<URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0177>
+------------------------------------------------------------------------+
Port name: isc-dhcp3
Affected: versions < dhcp-3.0.1.r8_1
Status: Fixed
Format string vulnerability when logging DNS-update request transactions.
<URL:http://www.cert.org/advisories/CA-2002-12.html>
<URL:http://www.ngsec.com/docs/advisories/NGSEC-2002-2.txt>
+------------------------------------------------------------------------+
Port name: jdk, jdk12-beta
Affected: all versions
Status: Not fixed
``A vulnerability in the Java(TM) Runtime Environment may allow an
untrusted applet to monitor requests to and responses from an HTTP
proxy server when a persistent connection is used between a client and
an HTTP proxy server.''
<URL:http://sunsolve.sun.com/security> (Bulletin 216)
+------------------------------------------------------------------------+
Port name: linux-mozilla, mozilla
Affected: versions < linux-mozilla-0.9.9.2002050810
versions < mozilla-1.0.rc1_3,1
Status: Fixed
Buffer overflow in Chatzilla. XMLHttpRequest allows reading of local
files.
<URL:http://online.securityfocus.com/archive/1/270807>
+------------------------------------------------------------------------+
Port name: mod_python
Affected: versions < mod_python-2.7.8
Status: Fixed
A publisher may access an indirectly imported module allowing a remote
attacker to call functions from that module.
<URL:http://www.modpython.org/pipermail/mod_python/2002-April/001991.html>
+------------------------------------------------------------------------+
Port name: ntop
Affected: all versions
Status: Not fixed
``Preauthentication Remote Root Hole in NTOP''
<URL:http://online.securityfocus.com/archive/1/267053>
<URL:http://online.securityfocus.com/archive/1/267180>
+------------------------------------------------------------------------+
Port name: p5-SOAP-Lite
Affected: versions < p5-SOAP-Lite-0.55
Status: Fixed
Client may call any procedure on server.
<URL:http://use.perl.org/articles/02/04/09/000212.shtml?tid=5>
<URL:http://www.phrack.com/show.php?p=58&a=9>
<URL:http://www.soaplite.com/>
+------------------------------------------------------------------------+
Port name: puf
Affected: versions < puf-0.93.1
Status: Fixed
Format string vulnerability in error output.
<URL:http://puf.sourceforge.net/ChangeLog>
+------------------------------------------------------------------------+
Port name: sudo
Affected: versions < sudo-1.6.6
Status: Fixed
Heap overflow may allow local users to gain root access.
<URL:http://www.globalintersec.com/adv/sudo-2002041701.txt>
+------------------------------------------------------------------------+
Port name: webalizer
Affected: versions < webalizer-2.1.10
Status: Fixed
Buffer overflow in the DNS resolver code.
<URL:http://www.mrunix.net/webalizer/news.html>
<URL:http://online.securityfocus.com/archive/1/267551>
<URL:http://online.securityfocus.com/bid/4504>
+------------------------------------------------------------------------+
Port name: xpilot
Affected: versions < xpilot-4.5.2
Status: Fixed
Stack buffer overflow in server.
<URL:http://www.debian.org/security/2002/dsa-127>
+------------------------------------------------------------------------+
III. Upgrading Ports/Packages
To upgrade a fixed port/packages, perform one of the following:
1) Upgrade your Ports Collection and rebuild and reinstall the port.
Several tools are available in the Ports Collection to make this
easier. See:
/usr/ports/devel/portcheckout
/usr/ports/misc/porteasy
/usr/ports/sysutils/portupgrade
2) Deinstall the old package and install a new package obtained from
[i386]
ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-4-stable/All/
Packages are not automatically generated for other architectures at
this time.
+------------------------------------------------------------------------+
FreeBSD Security Notices are communications from the Security Officer
intended to inform the user community about potential security issues,
such as bugs in the third-party applications found in the Ports
Collection, which will not be addressed in a FreeBSD Security
Advisory.
Feedback on Security Notices is welcome at <security-officer at FreeBSD.org>.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (FreeBSD)
Comment: FreeBSD: The Power To Serve
iQCVAwUBPN/CwlUuHi5z0oilAQERywP/dSqt97FPlLlDJE7tYpA5625FSjqbrWod
KsoKIBHM2ZIHAjnhAyF82tUT4ivMvJwepk1NE+W9YX77K7n5LHkfqY4kzCaVZJrY
gkaR63Dw+M5gqJ5FjO0RkSDxsltsKjSa6ZzKxWdAeRwDPbE7CwsjTI2AoS/kzaLw
ex+PhdbYjbc=
=fK1t
-----END PGP SIGNATURE-----
This is the moderated mailing list freebsd-announce.
The list contains announcements of new FreeBSD capabilities,
important events and project milestones.
See also the FreeBSD Web pages at http://www.freebsd.org
To Unsubscribe: send mail to majordomo at FreeBSD.org
with "unsubscribe freebsd-announce" in the body of the message
More information about the freebsd-announce
mailing list