FreeBSD Security Officer
2000-Apr-19 14:26 UTC
FreeBSD Security Advisory: FreeBSD-SA-00:13.generic-nqs
-----BEGIN PGP SIGNED MESSAGE----- ============================================================================FreeBSD-SA-00:13 Security Advisory FreeBSD, Inc. Topic: generic-nqs contains a local root compromise Category: ports Module: generic-nqs Announced: 2000-04-19 Credits: Philippe Andersson <philippe_andersson@STE.SCITEX.COM> via BugTraq Affects: Ports collection before the correction date. Corrected: 2000-04-16 Vendor status: Updated version released. FreeBSD only: NO I. Background Generic-NQS is a Network Queuing System for batch-processing jobs across multiple machines. II. Problem Description Generic-NQS versions 3.50.7 and earlier contain a security vulnerability which allow a local user to easily obtain root privileges. Unfortunately, further details of the location and nature of the vulnerability were not provided by the original poster, upon request of the Generic-NQS developers. The generic-nqs port is not installed by default, nor is it "part of FreeBSD" as such: it is part of the FreeBSD ports collection, which contains over 3200 third-party applications in a ready-to-install format. The ports collection shipped with FreeBSD 4.0 contains this problem since it was discovered after the release. FreeBSD makes no claim about the security of these third-party applications, although an effort is underway to provide a security audit of the most security-critical ports. III. Impact A local user can obtain root privileges by exploiting a vulnerability in the generic-nqs package. If you have not chosen to install the generic-nqs port/package, then your system is not vulnerable to this problem. IV. Workaround Remove the generic-nqs port, if you you have installed it. V. Solution 1) Upgrade your entire ports collection and rebuild the generic-nqs port. 2) Reinstall a new package dated after the correction date, obtained from: ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-3-stable/net/generic-nqs-3.50.9.tgz ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-4-stable/net/generic-nqs-3.50.9.tgz ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/alpha/packages-4-stable/net/generic-nqs-3.50.9.tgz ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-5-current/net/generic-nqs-3.50.9.tgz ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/alpha/packages-5-current/net/generic-nqs-3.50.9.tgz Note that it may be a few days before the updated package is available. 3) download a new port skeleton for the generic-nqs port from: http://www.freebsd.org/ports/ and use it to rebuild the port. 4) Use the portcheckout utility to automate option (3) above. The portcheckout port is available in /usr/ports/devel/portcheckout or the package can be obtained from: ftp://ftp.freebsd.org/pub/FreeBSD/ports/packages/devel/portcheckout-1.0.tgz -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBOP4kUVUuHi5z0oilAQGmYAQAntm5ianpGoWd2dr2Nf294InKoxRK5tt+ 61yGHUdZiFIWNUcEEow158vCnmAid1XyBRrYdeZLCs0EU0gaHRL21a1RpKab31T1 oc8pPK5mCyygwrXCf/u4aZES/HQyVbpryEqnvrggSzjlXExhsl6i+4YEBYHUO2Mi s8xowH91Sy4=eXhd -----END PGP SIGNATURE----- This is the moderated mailing list freebsd-announce. The list contains announcements of new FreeBSD capabilities, important events and project milestones. See also the FreeBSD Web pages at http://www.freebsd.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-announce" in the body of the message