FreeBSD Security Advisories
2002-May-28 10:58 UTC
FreeBSD Security Notice FreeBSD-SN-02:03
-----BEGIN PGP SIGNED MESSAGE-----
============================================================================FreeBSD-SN-02:03
Security Notice
The FreeBSD Project
Topic: security issues in ports
Announced: 2002-05-28
I. Introduction
Several ports in the FreeBSD Ports Collection are affected by security
issues. These are listed below with references and affected versions.
All versions given refer to the FreeBSD port/package version numbers.
The listed vulnerabilities are not specific to FreeBSD unless
otherwise noted.
These ports are not installed by default, nor are they ``part of
FreeBSD'' as such. The FreeBSD Ports Collection contains thousands of
third-party applications in a ready-to-install format. FreeBSD makes
no claim about the security of these third-party applications. See
<URL:http://www.freebsd.org/ports/> for more information about the
FreeBSD Ports Collection.
II. Ports
+------------------------------------------------------------------------+
Port name: amanda
Affected: versions <= amanda-2.3.0.4
Status: Port removed
Obsolete versions of Amanda contain multiple buffer overflows.
<URL:http://online.securityfocus.com/archive/1/274215>
+------------------------------------------------------------------------+
Port name: fetchmail
Affected: versions < fetchmail-5.9.11
Status: Fixed
<URL:http://tuxedo.org/~esr/fetchmail/NEWS>
<URL:http://rhn.redhat.com/errata/RHSA-2002-047.html>
+------------------------------------------------------------------------+
Port name: gaim
Affected: versions < gaim-0.58
Status: Fixed
World-readable temp files allow access to gaim users' hotmail
accounts.
<URL:http://online.securityfocus.com/archive/1/272180>
+------------------------------------------------------------------------+
Port name: gnokii
Affected: versions < gnokii-0.4.0.p20,1
Status: Fixed
Write access to any file in the filesystem.
<URL:http://www.gnokii.org/news.shtml>
+------------------------------------------------------------------------+
Port name: horde
Affected: versions < horde-1.2.8
Status: Fixed
Cross-site scripting attacks.
+------------------------------------------------------------------------+
Port name: imap-uw
Affected: all versions
Status: Not fixed
Only when compiled with RFC 1730 support (make -DWITH_RFC1730):
Remote buffer overflow yielding non-privileged shell access.
<URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0379>
<URL:http://marc.theaimsgroup.com/?l=bugtraq&m=102107222100529&w=2>
+------------------------------------------------------------------------+
Port name: imp
Affected: versions < imp-2.2.8
Status: Fixed
Cross-site scripting attacks.
+------------------------------------------------------------------------+
Port name: linux-netscape6
Affected: versions < 6.2.3
Status: Fixed
XMLHttpRequest allows reading of local files.
<URL:http://online.securityfocus.com/archive/1/270807>
+------------------------------------------------------------------------+
Port name: mnogosearch
Affected: versions < mnogosearch-3.1.19_2
Status: Fixed
Long query can be abused to execute code with webserver privileges.
<URL:http://online.securityfocus.com/archive/1/272025>
+------------------------------------------------------------------------+
Port name: mpg321
Affected: versions < mpg321-0.2.9
Status: Fixed
Buffer overflow may allow remote attackers to execute arbitrary code via
streaming data.
<URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0272>
+------------------------------------------------------------------------+
Port name: ssh2
Affected: all versions
Status: Not fixed
Password authentication may be used even if password authentication
is disabled.
<URL:http://www.ssh.com/products/ssh/advisories/authentication.cfm>
+------------------------------------------------------------------------+
Port name: tinyproxy
Affected: versions < tinyproxy-1.5.0
Status: Fixed
Invalid query could allow execution of arbitrary code.
<URL:http://tinyproxy.sourceforge.net/NEWS>
+------------------------------------------------------------------------+
Port name: webmin
Affected: versions < webmin-0.970
Status: Fixed
Remote attacker can login to Webmin as any user.
<URL:http://www.webmin.com/webmin/changes.html>
+------------------------------------------------------------------------+
III. Upgrading Ports/Packages
To upgrade a fixed port/package, perform one of the following:
1) Upgrade your Ports Collection and rebuild and reinstall the port.
Several tools are available in the Ports Collection to make this
easier. See:
/usr/ports/devel/portcheckout
/usr/ports/misc/porteasy
/usr/ports/sysutils/portupgrade
2) Deinstall the old package and install a new package obtained from
[i386]
ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-4-stable/All/
Packages are not automatically generated for other architectures at
this time.
+------------------------------------------------------------------------+
FreeBSD Security Notices are communications from the Security Officer
intended to inform the user community about potential security issues,
such as bugs in the third-party applications found in the Ports
Collection, which will not be addressed in a FreeBSD Security
Advisory.
Feedback on Security Notices is welcome at <security-officer@FreeBSD.org>.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (FreeBSD)
iQCVAwUBPPPEdFUuHi5z0oilAQFW8wP8CXG3dQyI5VPLp0m6frS4BtNtlkjOpq87
R/8FrDizVNGQ88+NzdPPPYWh8joAPGJZSXrWrSWKSge2dqEDK4CTpJ5BFzpQsxUZ
kexaZ43DRxrUMQN1AWDyarE+/y8uCk3BnJTWhNLOf2HeOYNekOn/BHQ53ucpoaKs
QQEX171+Jnk=Z1i5
-----END PGP SIGNATURE-----
This is the moderated mailing list freebsd-announce.
The list contains announcements of new FreeBSD capabilities,
important events and project milestones.
See also the FreeBSD Web pages at http://www.freebsd.org
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-announce" in the body of the message