3571e53040
patches for easier mirroring, to eliminate a special copy, to make www.freebsd.org/security a full copy of security.freebsd.org and be eventually be the same. For now files are just sitting there. The symlinks are missing. Discussed on: www (repository location) Discussed with: simon (so)
91 lines
3.4 KiB
Text
91 lines
3.4 KiB
Text
-----BEGIN PGP SIGNED MESSAGE-----
|
|
|
|
=============================================================================
|
|
FreeBSD-SA-00:72 Security Advisory
|
|
FreeBSD, Inc.
|
|
|
|
Topic: curl client-side vulnerability
|
|
|
|
Category: ports
|
|
Module: curl
|
|
Announced: 2000-11-20
|
|
Credits: Wichert Akkerman <wichert@cistron.nl>
|
|
Affects: Ports collection prior to the correction date.
|
|
Corrected: 2000-10-30
|
|
Vendor status: Updated version released
|
|
FreeBSD only: NO
|
|
|
|
I. Background
|
|
|
|
curl is a multi-protocol file retrieval tool.
|
|
|
|
II. Problem Description
|
|
|
|
The curl port, versions prior to 7.4.1, allows a client-side exploit
|
|
through a buffer overflow in the error handling code. A malicious ftp
|
|
server operator can cause arbitrary code to be executed by the user
|
|
running the curl client.
|
|
|
|
The curl port is not installed by default, nor is it "part of FreeBSD"
|
|
as such: it is part of the FreeBSD ports collection, which contains
|
|
over 4100 third-party applications in a ready-to-install format.
|
|
The ports collections shipped with FreeBSD 3.5.1 and 4.1.1 contain
|
|
this problem since it was discovered after the releases, but it was
|
|
corrected prior to the release of FreeBSD 4.2.
|
|
|
|
FreeBSD makes no claim about the security of these third-party
|
|
applications, although an effort is underway to provide a security
|
|
audit of the most security-critical ports.
|
|
|
|
III. Impact
|
|
|
|
Malicious FTP server operators can execute arbitrary code on the local
|
|
system when a file is downloaded from this server.
|
|
|
|
If you have not chosen to install the curl port/package, then your
|
|
system is not vulnerable to this problem.
|
|
|
|
IV. Workaround
|
|
|
|
Deinstall the curl port/package, if you you have installed it.
|
|
|
|
V. Solution
|
|
|
|
One of the following:
|
|
|
|
1) Upgrade your entire ports collection and rebuild the curl port.
|
|
|
|
2) Deinstall the old package and install a new package dated after the
|
|
correction date, obtained from:
|
|
|
|
ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-3-stable/ftp/curl-7.4.1.tgz
|
|
ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-4-stable/ftp/curl-7.4.1.tgz
|
|
ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/alpha/packages-4-stable/ftp/curl-7.4.1.tgz
|
|
ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-5-current/ftp/curl-7.4.1.tgz
|
|
ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/alpha/packages-5-current/ftp/curl-7.4.1.tgz
|
|
|
|
3) download a new port skeleton for the curl port from:
|
|
|
|
http://www.freebsd.org/ports/
|
|
|
|
and use it to rebuild the port.
|
|
|
|
4) Use the portcheckout utility to automate option (3) above. The
|
|
portcheckout port is available in /usr/ports/devel/portcheckout or the
|
|
package can be obtained from:
|
|
|
|
ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-3-stable/devel/portcheckout-2.0.tgz
|
|
ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-4-stable/devel/portcheckout-2.0.tgz
|
|
ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/alpha/packages-4-stable/devel/portcheckout-2.0.tgz
|
|
ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-5-current/devel/portcheckout-2.0.tgz
|
|
ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/alpha/packages-5-current/devel/portcheckout-2.0.tgz
|
|
-----BEGIN PGP SIGNATURE-----
|
|
Version: GnuPG v1.0.4 (FreeBSD)
|
|
Comment: For info see http://www.gnupg.org
|
|
|
|
iQCVAwUBOhmXtlUuHi5z0oilAQGoWwP8D4Do6NX9PMIrCaky4BU4rj37l5PO7kHn
|
|
h94zc2ISFpX5IBceUDCbVNjJJPkA8hXHhWXHZulpruu6yza/V9Oo3Uz86HrzY4Tw
|
|
7Rj3iwQ/5/wJW3Ya/BcnBozk1/NlnAxGzKluTOlHe8UCFPV8JtCrE5RPRHMQ3BP8
|
|
IN3EDVdvLzw=
|
|
=EQge
|
|
-----END PGP SIGNATURE-----
|