[UNIX] FreeBSD Mod_frontpage Port Contains Exploitable Buffer Overflow
From: support@securiteam.com
Date: 03/16/02
From: support@securiteam.com To: list@securiteam.com Date: Sat, 16 Mar 2002 12:31:09 +0100 (CET)
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
FreeBSD Mod_frontpage Port Contains Exploitable Buffer Overflow
------------------------------------------------------------------------
SUMMARY
Mod_frontpage is a replacement for Microsoft's FrontPage Apache patch and
adds support for the FrontPage Server Extensions. It is installed as a DSO
module.
Several buffer overflow vulnerabilities in the setuid-root fpexec wrapper
that ships with this module enable local attackers to execute arbitrary code
as root.
DETAILS
Affected versions of the mod_frontpage port contain several exploitable
buffer overflows in the fpexec wrapper, which is installed setuid root.
The mod_frontpage port is not installed by default, nor is it "part of
FreeBSD" as such: it is part of the FreeBSD ports collection, which
contains over 6000 third-party applications in a ready-to-install format.
The ports collection shipped with FreeBSD 4.5 contains this security
problem, since the bug was discovered only after that release.
FreeBSD makes no claim about the security of these third-party
applications, although an effort is underway to provide a security audit
of the most security-critical ports.
Impact:
A local attacker may obtain superuser privileges by exploiting the buffer
overflow bugs in fpexec.
Workaround:
Uninstall the mod_frontpage ports/packages if you have them installed.
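The following check, added here as an example and not part of the advisory or the mod_frontpage port, locates the setuid fpexec wrapper the advisory describes and lists the installed mod_frontpage package so its version can be compared against the correction date. The default prefix /usr/local is an assumption (it is where the ports collection installs by default); the function and file names are this example's own.

```sh
#!/bin/sh
# Added example, not part of the advisory or the mod_frontpage port.
# Locates the setuid fpexec wrapper named in the advisory and reports the
# installed mod_frontpage package. The prefix /usr/local is an assumption
# (the default install location for the FreeBSD ports collection).

# Print each regular file named fpexec under the prefix ($1) that has the
# setuid bit set, one "ls -l" line per file. Empty output means none found.
find_setuid_fpexec() {
    prefix="${1:-/usr/local}"
    find "$prefix" -type f -name fpexec -perm -4000 -exec ls -ld {} \; 2>/dev/null
}

# Exit status 0 if at least one setuid fpexec exists under the prefix ($1),
# 1 otherwise, so it can be used directly as an if/while condition.
setuid_fpexec_present() {
    [ -n "$(find_setuid_fpexec "$1")" ]
}

# Print the installed mod_frontpage package name(s) as recorded by the
# FreeBSD package tools. Prints nothing and returns 1 when pkg_info is not
# available (e.g. on a non-FreeBSD host); prints nothing when the package
# is simply not installed.
installed_mod_frontpage_pkg() {
    command -v pkg_info >/dev/null 2>&1 || return 1
    pkg_info 2>/dev/null | awk '/^mod_frontpage-/ { print $1 }'
}

# Human-readable report: installed package, whether the setuid wrapper is
# present under the prefix ($1), and the advisory's workaround when it is.
# Returns 0 when a setuid fpexec was found (action needed), 1 otherwise.
report_fpexec() {
    prefix="${1:-/usr/local}"
    pkgs=$(installed_mod_frontpage_pkg) || pkgs=""
    [ -n "$pkgs" ] && echo "installed package(s): $pkgs"
    if setuid_fpexec_present "$prefix"; then
        echo "setuid fpexec found under $prefix:"
        find_setuid_fpexec "$prefix"
        echo "workaround: pkg_delete the package(s) above, or rebuild the port from an updated ports collection"
        return 0
    fi
    echo "no setuid fpexec found under $prefix"
    return 1
}

# Usage (interactive): . ./fpexec_check.sh && report_fpexec /usr/local
```

After applying the workaround (pkg_delete of the mod_frontpage package), a second run should report no setuid fpexec; after applying one of the solutions below the wrapper is reinstalled setuid root, so compare the package name printed by pkg_info against the correction date rather than relying on the setuid check alone.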
Solution:
Do one of the following:
1) Upgrade your entire ports collection and rebuild the port.
2) Uninstall the old package and install a new package dated after the
correction date, obtained from the following directories:
[i386]
ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-4-stable/www/
[alpha]
Packages are not automatically generated for the alpha architecture at
this time due to lack of build resources.
NOTE: It may be several days before updated packages are available.
3) Download a new port skeleton for the mod_frontpage port from:
http://www.freebsd.org/ports/
and use it to rebuild the port.
4) Use the portcheckout utility to automate option (3) above. The
portcheckout port is available in /usr/ports/devel/portcheckout or the
package can be obtained from:
ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-4-stable/Latest/portcheckout.tgz
ADDITIONAL INFORMATION
The information has been provided by Martin Blapp <mbr@freebsd.org>.
========================================
This bulletin is sent to members of the SecuriTeam mailing list.
To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@securiteam.com
In order to subscribe to the mailing list, simply forward this email to: list-subscribe@securiteam.com
====================
DISCLAIMER:
The information in this bulletin is provided "AS IS" without warranty of any kind.
In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.