ports/124401: security/sshguard dumps core
Lucas Holt
lholt3 at emich.edu
Sun Jun 8 20:30:02 UTC 2008
>Number: 124401
>Category: ports
>Synopsis: security/sshguard dumps core
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: change-request
>Submitter-Id: current-users
>Arrival-Date: Sun Jun 08 20:30:01 UTC 2008
>Closed-Date:
>Last-Modified:
>Originator: Lucas Holt
>Release: FreeBSD 6.3-RELEASE p1
>Organization:
Eastern Michigan University
>Environment:
>Description:
sshguard has a known bug which causes it to crash. http://sourceforge.net/mailarchive/message.php?msg_name=940FAA1A-42A2-4D63-860E-B9EA5E7FAA89%40bitchx.it
This leaves core files in / which is unfriendly.
>How-To-Repeat:
Use sshguard with ipfw, and wait for brute force attacks.
>Fix:
Either a patch needs to be applied
or the port needs to be updated to the beta version of 1.1.
MidnightBSD included the patch in mports:
http://www.midnightbsd.org/cgi-bin/cvsweb.cgi/mports/security/sshguard/files/patch-sshguard.c?annotate=1.1
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-ports-bugs
mailing list