svn commit: r48016 - head/share/security/advisories

Gleb Smirnoff glebius at FreeBSD.org
Thu Jan 14 18:05:16 UTC 2016 

Author: glebius (src committer)
Date: Thu Jan 14 18:05:15 2016
New Revision: 48016
URL: https://svnweb.freebsd.org/changeset/doc/48016

Log:
  Fix the snmpd.config file name throughout the advisory.
  
  Submitted by:	Wout Decré <wout canodus.be>
  Submitted by:	Andrei <az azsupport.com>

Modified:
  head/share/security/advisories/FreeBSD-SA-16:06.bsnmpd.asc

Modified: head/share/security/advisories/FreeBSD-SA-16:06.bsnmpd.asc
==============================================================================
--- head/share/security/advisories/FreeBSD-SA-16:06.bsnmpd.asc	Thu Jan 14 17:50:53 2016	(r48015)
+++ head/share/security/advisories/FreeBSD-SA-16:06.bsnmpd.asc	Thu Jan 14 18:05:15 2016	(r48016)
@@ -5,7 +5,7 @@ Hash: SHA512
 FreeBSD-SA-16:06.bsnmpd                                     Security Advisory
                                                           The FreeBSD Project
 
-Topic:          Insecure default bsnmpd.conf permissions
+Topic:          Insecure default snmpd.config permissions
 
 Category:       contrib
 Module:         bsnmpd
@@ -32,8 +32,8 @@ implements all other MIBs through loadab
 II.  Problem Description
 
 The SNMP protocol supports an authentication model called USM, which relies
-on a shared secret.  The default permission of the bsnmpd configuration file,
-/etc/bsnmpd.conf, is weak and does not provide adequate protection against
+on a shared secret.  The default permission of the snmpd.configiguration file,
+/etc/snmpd.config, is weak and does not provide adequate protection against
 local unprivileged users.
 
 III. Impact
@@ -49,7 +49,7 @@ authentication model are not vulnerable.
 V.   Solution
 
 This vulnerability can be fixed by modifying the permission on
-/etc/bsnmpd.conf to owner root:wheel and permission 0600.
+/etc/snmpd.config to owner root:wheel and permission 0600.
 
 The patch is provided mainly for third party vendors who deploy FreeBSD
 and provide a safe default.  The patch itself DOES NOT fix the permissions
@@ -60,7 +60,7 @@ The patch can be applied by performing o
 1) Upgrade your vulnerable system to a supported FreeBSD stable or
 release / security branch (releng) dated after the correction date.
 
-The system administrator should change the permission on /etc/bsnmpd.conf
+The system administrator should change the permission on /etc/snmpd.config
 to root:wheel and 0600.
 
 2) To update your vulnerable system via a binary patch:
@@ -71,7 +71,7 @@ platforms can be updated via the freebsd
 # freebsd-update fetch
 # freebsd-update install
 
-The system administrator should change the permission on /etc/bsnmpd.conf
+The system administrator should change the permission on /etc/snmpd.config
 to root:wheel and 0600.
 
 3) To update your vulnerable system via a source code patch:
@@ -126,17 +126,17 @@ The latest revision of this advisory is 
 <URL:https://security.FreeBSD.org/advisories/FreeBSD-SA-16:06.bsnmpd.asc>
 -----BEGIN PGP SIGNATURE-----
 
-iQIcBAEBCgAGBQJWl2j4AAoJEO1n7NZdz2rnkaQP/3K9kqYY1YoHQ++uzFPnfuZQ
-mkGPJ0frGG46pTL806QJidky6D0LP0zNCzhtU45ZlFMguJ3B3QYp/62Cw61dBG22
-x0uEkvI2F2F39IPA/clspyUHg3Y1RYgTpJrxey0JLrK0yxelyI8vMwB4tCB2eEDW
-ZGVU6rvFQcWJOWHABXVYcc+4Yy5ucudp0QbJsVHAKLtF7MLuntVlUj+x4Nncog5k
-kmGt6W7tzFn2gNsWcmntmG/LWyPkPURWhYfIj3fgcRrpMTVIDFX5PTgQyJR7DwOM
-/beIoQxxKBUwTW1ZRgvcCqFBu7DKSCMABoHgpqLj1gdeiJ1LaO4dErtWXvdBEAAP
-+XLi5OkRG3OKzIAIRnkz/SrkAUoRkzHEK1dI0coyw7AdXXjDBWtX+n9lzRXs7hqT
-LC3riK/Km9OYVn3+T7tCWnvKN45f+FnD8zxZDE+33Jv9wI8X+CCs9GjJdoJ0HDSd
-b6rg8E4gGPzfwFxSNXZQKfDSSuVBECIp3av1gp6hN3qZNOX/sadMsxro8VVGFLPg
-81rC+JfKNTeVtxF8oJi9eg3FQ/eupxQv4RvC2c37R7LcErAU1KKxZyNrwv6xDEMx
-QVnx74o+luxXSirLxq276pfBQJdMjxYzWCj6E8ztcAZenz3M4WNiRFlt7hdq/3YO
-bDBdQPe4eYSHHSGyGcz/
-=LDPU
+iQIcBAEBCgAGBQJWl+LcAAoJEO1n7NZdz2rnZgcQANXfhZ5c/0sRlLmSGtvvCOvC
+Zw7OEFrFuEgDL4RmjsJznQ6CJ7CO/4rF6+oaDRpCaJCfo2r92mpk3N+q907L9yZD
+JR6dXajZugrq5cXnn3n5zMKiWQJnA5hQ9xz4dxRIsVwGcDKNmPDH37nmL7iv0E1n
+AkTLoUTXqwYZvUm+K3uDXA/i/ML8lQ7ERRdY2+4cufo2pGD6TfzNuxYMOzQldS29
+4ikv30TTdSMhKxjYS+qMkeFKvwr2UGwERO/eGhoBwqwXV0MAsKDgX4ahfgu7VQln
+Qs+2VaRk9PYPYS6DuOaUc+rCJ1SxmZ5/vK7ULt4zvxNT0r+sp0wvxYsDcQP2JDL5
+iY+O0gvDi4ob0Y+30YaLwoM7L7yW+Lzgv+QgT344T2iDOu3ZEZK/n4gEkD+HYNkJ
+/mU/frCbBbcil8AhyiBO/shjATPfRWSGJUpkYpDDnzR1fhojRJlrkl8WOprjHtYw
+OntSUQ1tXsYUJ0iNyhYDNlfI8abjOw/jAqeFBFjFa6FvA/pml+jyWGsscl7evrwQ
+uIzJo7yHwcqxa7pqSAdiPRVE3hnzeR0yZtOHBpOvR/veHdoXfYhn1QZCIy6hbuSy
+gN3vPm+vow5Ls46i0JVNzXRdGWiIVyfHt9axoQOef5zvbsLm9qgGECrTBHjbow2I
+fQ7dKyaCpR1ORJ0NLH61
+=hOZk
 -----END PGP SIGNATURE-----

More information about the svn-doc-all mailing list