From security-officer@FreeBSD.ORG Sat Apr 29 02:58:28 2000
From: FreeBSD Security Officer, FreeBSD Security Officer
Resent-From: mea culpa
To: undisclosed-recipients: ;
Resent-To: jericho@attrition.org
Date: Wed, 19 Apr 2000 14:26:38 -0700 (PDT)
Reply-To: postmaster@FreeBSD.ORG
Subject: FreeBSD Security Advisory: FreeBSD-SA-00:13.generic-nqs

-----BEGIN PGP SIGNED MESSAGE-----

=============================================================================
FreeBSD-SA-00:13                                           Security Advisory
                                                                FreeBSD, Inc.

Topic:          generic-nqs contains a local root compromise

Category:       ports
Module:         generic-nqs
Announced:      2000-04-19
Credits:        Philippe Andersson via BugTraq
Affects:        Ports collection before the correction date.
Corrected:      2000-04-16
Vendor status:  Updated version released.
FreeBSD only:   NO

I.   Background

Generic-NQS is a Network Queuing System for batch-processing jobs across
multiple machines.

II.  Problem Description

Generic-NQS versions 3.50.7 and earlier contain a security vulnerability
which allows a local user to easily obtain root privileges. Unfortunately,
further details of the location and nature of the vulnerability were not
provided by the original poster, upon request of the Generic-NQS
developers.

The generic-nqs port is not installed by default, nor is it "part of
FreeBSD" as such: it is part of the FreeBSD ports collection, which
contains over 3200 third-party applications in a ready-to-install format.
The ports collection shipped with FreeBSD 4.0 contains this problem since
it was discovered after the release.

FreeBSD makes no claim about the security of these third-party
applications, although an effort is underway to provide a security audit
of the most security-critical ports.

III. Impact

A local user can obtain root privileges by exploiting a vulnerability in
the generic-nqs package.

If you have not chosen to install the generic-nqs port/package, then your
system is not vulnerable to this problem.

IV.  Workaround

Remove the generic-nqs port, if you have installed it.

V.   Solution

1) Upgrade your entire ports collection and rebuild the generic-nqs port.

2) Reinstall a new package dated after the correction date, obtained from:

ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-3-stable/net/generic-nqs-3.50.9.tgz
ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-4-stable/net/generic-nqs-3.50.9.tgz
ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/alpha/packages-4-stable/net/generic-nqs-3.50.9.tgz
ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-5-current/net/generic-nqs-3.50.9.tgz
ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/alpha/packages-5-current/net/generic-nqs-3.50.9.tgz

Note that it may be a few days before the updated package is available.

3) Download a new port skeleton for the generic-nqs port from:

http://www.freebsd.org/ports/

and use it to rebuild the port.

4) Use the portcheckout utility to automate option (3) above. The
portcheckout port is available in /usr/ports/devel/portcheckout or the
package can be obtained from:

ftp://ftp.freebsd.org/pub/FreeBSD/ports/packages/devel/portcheckout-1.0.tgz

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBOP4kUVUuHi5z0oilAQGmYAQAntm5ianpGoWd2dr2Nf294InKoxRK5tt+
61yGHUdZiFIWNUcEEow158vCnmAid1XyBRrYdeZLCs0EU0gaHRL21a1RpKab31T1
oc8pPK5mCyygwrXCf/u4aZES/HQyVbpryEqnvrggSzjlXExhsl6i+4YEBYHUO2Mi
s8xowH91Sy4=
=eXhd
-----END PGP SIGNATURE-----

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security-notifications" in the body of the message
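The workaround and solution above both start from the same question: is generic-nqs installed on this host, and if so, is the installed version still one the advisory calls affected (3.50.7 and earlier)? The following POSIX sh script is an added example, not part of the advisory or of the FreeBSD project's tooling. It parses package listings in the `name-version  comment` format printed by the legacy `pkg_info` tool, strips any FreeBSD port-revision (`_N`) or epoch (`,N`) suffix, and compares the version against the advisory's cutoff. The package listing embedded in the script is constructed sample data; on a real host of that era you would call `nqs_status "$(pkg_info)"` instead.

```shell
#!/bin/sh
# Added example: decide whether an installed generic-nqs package falls in the
# range FreeBSD-SA-00:13 describes as affected (3.50.7 and earlier).

# Constructed sample of pkg_info-style output ("name-version  comment" per line).
SAMPLE_PKG_INFO='bash-2.03           The GNU Bourne Again Shell
generic-nqs-3.50.7  Generic Network Queuing System
portcheckout-1.0    Checks out a port from the FreeBSD ports collection'

# Highest version the advisory lists as affected.
LAST_VULNERABLE=3.50.7

# Compare two dotted numeric versions; prints -1, 0 or 1.
# Missing trailing components are treated as 0, so 3.50 == 3.50.0.
vercmp() {
    a=$1; b=$2
    while [ -n "$a" ] || [ -n "$b" ]; do
        ax=${a%%.*}; bx=${b%%.*}
        [ -z "$ax" ] && ax=0
        [ -z "$bx" ] && bx=0
        if [ "$ax" -lt "$bx" ]; then printf '%s\n' -1; return; fi
        if [ "$ax" -gt "$bx" ]; then printf '%s\n' 1; return; fi
        case $a in *.*) a=${a#*.} ;; *) a= ;; esac
        case $b in *.*) b=${b#*.} ;; *) b= ;; esac
    done
    printf '%s\n' 0
}

# Extract the installed generic-nqs version from a pkg_info-style listing.
# Prints nothing if the package is absent. Port revision (_N) and epoch (,N)
# suffixes are dropped so only the upstream version is compared.
installed_nqs_version() {
    printf '%s\n' "$1" | awk '
        $1 ~ /^generic-nqs-[0-9]/ {
            sub(/^generic-nqs-/, "", $1)
            sub(/[_,].*$/, "", $1)
            print $1
        }'
}

# Verdict for a listing: "absent", "vulnerable" or "fixed".
nqs_status() {
    v=$(installed_nqs_version "$1")
    if [ -z "$v" ]; then
        printf '%s\n' absent
    elif [ "$(vercmp "$v" "$LAST_VULNERABLE")" -le 0 ]; then
        printf '%s\n' vulnerable
    else
        printf '%s\n' fixed
    fi
}

# Stand-alone run against the constructed listing.
printf 'generic-nqs status: %s\n' "$(nqs_status "$SAMPLE_PKG_INFO")"
```

A "vulnerable" verdict corresponds to the advisory's workaround (remove the port) or solution (rebuild from an updated ports tree or install the 3.50.9 package); "absent" matches the advisory's note that a system without the port is not affected.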