[FUGSPBR] FreeBSD IPFW Me Point To Point Interface Address Addition Vulnerability
Andrés Alejandro Luengo González
andres.alejandro em sfw.com.br
Seg Ago 20 17:05:14 BRT 2001
FreeBSD is a freely available BSD-based UNIX Operating System
distributed and maintained by the FreeBSD Project.
When ipfw is used with the "me" identifier on a point to point
interface, it may result in access to the local host by the remote end
of the link. When the "me" identifier is used on the link, ipfw issues
the same rules for the remote end of the link. This could allow
unintended access to the local system by a remote host, and could lead
to potential compromise of local resources.
A patch is available.
FreeBSD FreeBSD 4.3-STABLE:
FreeBSD patch ipfw.patch
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/patches/SA-01:53/ipfw.patch
FreeBSD FreeBSD 4.3-RELEASE:
FreeBSD patch ipfw.patch
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/patches/SA-01:53/ipfw.patch
Source: http://www.securityfocus.com
----
Para sair da lista envie um e-mail para majordomo em fugspbr.org
com as palavras "unsubscribe fugspbr" no corpo da mensagem.
Mais detalhes sobre a lista de discussão freebsd