[FUGSPBR] Security Advisory

Luiz pasquall em terra.com.br
Sex Jun 28 10:23:45 BRT 2002 

Caros,

Estou aplicando este patch e surgiu-me uma dúvida: A solução 
sugerida de um jeito ou de outro teremos que reiniciar a 
máquina, pois o sistema foi recompilado. Há alguma outra 
maneira de corrigirmos sem o reboot?

Era isso, valeu

[]'s





-------- Original Message --------
Subject: FreeBSD Security Advisory FreeBSD-SA-02:28.resolv
Date: Wed, 26 Jun 2002 12:08:22 -0700 (PDT)
From: FreeBSD Security Advisories 
<security-advisories em freebsd.org>
Reply-To: security-advisories em freebsd.org
To: FreeBSD Security Advisories 
<security-advisories em freebsd.org>

-----BEGIN PGP SIGNED MESSAGE-----

=============================================================================
FreeBSD-SA-02:28.resolv 
Security Advisory
 
The FreeBSD Project

Topic:          buffer overflow in resolver

Category:       core
Module:         libc
Announced:      2002-06-26
Credits:        Joost Pol <joost em pine.nl>
Affects:        All releases prior to and including 4.6-RELEASE
Corrected:      2002-06-26 06:34:18 UTC (RELENG_4)
                 2002-06-26 08:44:24 UTC (RELENG_4_6)
                 2002-06-26 18:53:20 UTC (RELENG_4_5)
FreeBSD only:   NO

I.   Background

The resolver implements functions for making, sending and 
interpreting
query and reply messages with Internet domain name servers.
Hostnames, IP addresses, and other information are queried 
using the
resolver.

II.  Problem Description

DNS messages have specific byte alignment requirements, 
resulting in
padding in messages.  In a few instances in the resolver 
code, this
padding is not taken into account when computing available 
buffer
space.  As a result, the parsing of a DNS message may result 
in a
buffer overrun of up to a few bytes for each record included 
in the
message.

III. Impact

An attacker (either a malicious domain name server or an 
agent that
can spoof DNS messages) may produce a specially crafted DNS 
message
that will exploit this bug when parsed by an application 
using the
resolver.  It may be possible for such an exploit to result 
in the
execution of arbitrary code with the privileges of the 
resolver-using
application.  Though no exploits are known to exist today, since
practically all Internet applications utilize the resolver, the
severity of this issue is high.

IV.  Workaround

There is currently no workaround.

V.   Solution

Do one of the following:

1) Upgrade your vulnerable system to 4.6-STABLE; or to the 
RELENG_4_6
or RELENG_4_5 security branch dated after the correction date
(4.6-RELEASE-p1 or 4.5-RELEASE-p7).

2) To patch your present system:

The following patch has been verified to apply to FreeBSD 
4.5 and
FreeBSD 4.6 systems.

a) Download the relevant patch from the location below, and 
verify the
detached PGP signature using your PGP utility.

# fetch 
ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-02:28/resolv.patch
# fetch 
ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-02:28/resolv.patch.asc

b) Execute the following commands as root:

# cd /usr/src
# patch < /path/to/patch

c) Recompile the operating systems as described in
<URL:http://www.freebsd.org/doc/handbook/makeworld.html>.

Note that any statically linked applications that are not 
part of
the base system (i.e. from the Ports Collection or other 
3rd-party
sources) must be recompiled.

VI.  Correction details

The following list contains the revision numbers of each 
file that was
corrected in FreeBSD.

Path 
      Revision
   Branch
- 
-------------------------------------------------------------------------
src/lib/libc/net/gethostbydns.c
   RELENG_4 
       1.27.2.2
   RELENG_4_6 
      1.27.10.1
   RELENG_4_5 
       1.27.8.1
src/lib/libc/net/getnetbydns.c
   RELENG_4 
       1.13.2.2
   RELENG_4_6 
   1.13.2.1.8.1
   RELENG_4_5 
   1.13.2.1.6.1
src/lib/libc/net/name6.c
   RELENG_4 
        1.6.2.6
   RELENG_4_6 
    1.6.2.5.8.1
   RELENG_4_5 
    1.6.2.5.6.1
src/sys/conf/newvers.sh
   RELENG_4_6 
  1.44.2.23.2.2
   RELENG_4_5 
  1.44.2.20.2.8
- 
-------------------------------------------------------------------------

VII. References

<URL:http://www.pine.nl/advisories/pine-cert-20020601.html>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (FreeBSD)

iQCVAwUBPRoQOVUuHi5z0oilAQG3cAP/d7Gb2rdkSjZKCR0NI+QzMibgySVTXOtF
sdoJrYka/XnIpFMVAyXl36bibtRKbwfCyv/rEX39YSas7tqReizwAABoaRF956Qb
qlek1ONvvd+Tj6+WpEEueX/VdPqGQuqMk0BoguIbOgwAya6ZFYJ9ZKAHHSN9YqO8
ZGTC8pmqfGI=
=s76v
-----END PGP SIGNATURE-----

This is the moderated mailing list freebsd-announce.
The list contains announcements of new FreeBSD capabilities,
important events and project milestones.
See also the FreeBSD Web pages at http://www.freebsd.org


To Unsubscribe: send mail to majordomo em FreeBSD.org
with "unsubscribe freebsd-announce" in the body of the message



-- 
<about>
  <name>Luiz Fernando Pasqual S. Souza</name>
  <email>pasquall em terra.com.br</email>
</about>

______________________________________________
http://www2.fugspbr.org/mailman/listinfo/fugspbr

Mais detalhes sobre a lista de discussão freebsd