Berkeley CSUA MOTD:Entry 29250
2003/8/6 [Computer/SW/OS/FreeBSD] UID:29250 Activity:high
8/5     Off-by-one error in realpath(3):
        OpenBSD: http://csua.org/u/3u0
        FreeBSD: http://csua.org/u/3u1
        (Just in case some of you aren't subscribed to the security
         announce lists)
         \_ Ah, the wonderful joys of C programming.
                \_ And you prefer?
                  \_ nothing. For some tasks there are no better substitutes
                     yet, unfortunately.
                     \_ everything should be written in vax 11/780 assembly
                        like the good old days!  where's my pdp-7?
                        \_ Back in my day, we didn't have no fancy terminals,
                          we wrote programs by wiring the accumulator to the
                          cycling unit, and we liked it! -- grumpy old man
                          \_ Yeah!  You tell em!  Hey wait, you had wires?
                             We didn't have wires....
Cache (518 bytes)
csua.org/u/3u0 -> www.sigmasoft.com/~openbsd/archive/openbsd-security-announce/200308/msg00002.html
This is the same bug that was recently found in the wu-ftpd ftpd server by Janusz Niewiadomski and Janusz Niewiadomski. The OpenBSD ftp daemon does not use realpath in a way that could be exploited, however a number of other system binaries also use the function. It is not currently known whether or not this bug results in an exploitable security hole on OpenBSD. Since the bug led to an exploitable hole in wu-ftpd, it is entirely possible that some program using realpath under OpenBSD may be vulnerable to attack.
Cache (1806 bytes)
csua.org/u/3u1 -> lists.freebsd.org/pipermail/freebsd-security-notifications/2003-August/000006.html
The realpath function is part of the FreeBSD Standard C Library.

Problem Description
An off-by-one error exists in a portion of realpath that computes the length of the resolved pathname. As a result, if the resolved path name is exactly 1024 characters long and contains at least two directory separators, the buffer passed to realpath will be overwritten by a single NUL byte.

Impact
Applications using realpath MAY be vulnerable to denial of service attacks, remote code execution, and/or privilege escalation. The impact on an individual application is highly dependent upon the source of the pathname passed to realpath, the position of the output buffer on the stack, the architecture on which the application is running, and other factors.

Within the FreeBSD base system, several applications use realpath. Two applications which are negatively impacted are:

lukemftpd, an alternative FTP server: realpath is used to process the MLST and MLSD commands. The vulnerability may be exploitable, leading to code execution with superuser privileges. It is not built or installed by default in any other release.

This vulnerability may be exploitable, leading to code execution with the privileges of the authenticated user.

These applications have not been audited, and may or may not be vulnerable.

OpenSSH's sftp-server may be disabled by editing /etc/ssh/sshd_config and commenting out the following line by inserting a `#' as the first character:

Subsystem sftp /usr/libexec/sftp-server

lukemftpd may be replaced by the default ftpd. All affected applications must be restarted for them to use the corrected library. Though not required, rebooting may be the easiest way to accomplish this.

Correction details
The following list contains the revision numbers of each file that was corrected in FreeBSD.
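The FreeBSD advisory above pins the bug down precisely: a resolved name of exactly 1024 characters with two separators passes the length check, and the terminating NUL lands one byte past the caller's buffer. The following is an added illustration, not code from the MOTD thread, from OpenBSD or from FreeBSD's libc: a small lexical path normaliser (absolute paths only, no symlink resolution, no filesystem access) whose component-append routine counts the separator, the component and the NUL before writing, with a comment marking where the `>=` versus `>` slip would sit. RESOLVED_MAX is an assumed stand-in for the 1024-byte PATH_MAX the advisory names. boundary_probe() builds a constructed path of a chosen resolved length and places a canary byte directly after the output buffer, which is the check a maintainer would want when verifying a fix of this kind.

```c
/* Added example (not from the MOTD thread or either BSD advisory). Toy path
 * normaliser plus a canary probe for a one-byte overwrite past the buffer.
 * Assumptions: RESOLVED_MAX stands in for the 1024-byte PATH_MAX of the
 * advisory; absolute paths only; purely lexical, no symlinks or filesystem. */
#include <errno.h>
#include <stdio.h>
#include <string.h>

#define RESOLVED_MAX 1024   /* size of the buffer a realpath(3) caller passes */

/* Append "/" + comp to the NUL-terminated string in resolved[RESOLVED_MAX].
 * The guard counts separator + component + terminating NUL. Writing it as
 * `> RESOLVED_MAX` instead of `>= RESOLVED_MAX` is the advisory's off-by-one:
 * a resolved name of exactly RESOLVED_MAX characters would pass and the NUL
 * would be written one byte past the end of the buffer. */
static int append_component(char *resolved, const char *comp, size_t comp_len)
{
    size_t cur = strlen(resolved);
    size_t sep = (cur > 1) ? 1 : 0;             /* "/" alone needs no extra slash */

    if (cur + sep + comp_len >= RESOLVED_MAX) { /* no room left for the NUL */
        errno = ENAMETOOLONG;
        return -1;
    }
    if (sep)
        resolved[cur++] = '/';
    memcpy(resolved + cur, comp, comp_len);
    resolved[cur + comp_len] = '\0';
    return 0;
}

/* Lexically normalise an absolute path into resolved[RESOLVED_MAX]: collapse
 * repeated slashes, drop "." and apply "..". Returns 0, or -1 with errno set
 * (EINVAL for a relative path, ENAMETOOLONG if the result does not fit). */
int normalize_path(const char *path, char *resolved)
{
    const char *p = path;

    if (path[0] != '/') {
        errno = EINVAL;
        return -1;
    }
    resolved[0] = '/';
    resolved[1] = '\0';
    while (*p) {
        const char *start;
        size_t len;

        while (*p == '/')                        /* skip "//" */
            p++;
        if (*p == '\0')
            break;
        start = p;
        while (*p != '\0' && *p != '/')
            p++;
        len = (size_t)(p - start);
        if (len == 1 && start[0] == '.')
            continue;
        if (len == 2 && start[0] == '.' && start[1] == '.') {
            char *slash = strrchr(resolved, '/'); /* pop the last component */
            if (slash == resolved)
                resolved[1] = '\0';              /* ".." at the root stays "/" */
            else
                *slash = '\0';
            continue;
        }
        if (append_component(resolved, start, len) < 0)
            return -1;
    }
    return 0;
}

/* 1 when `in` normalises to exactly `want`, else 0. */
int normalizes_to(const char *in, const char *want)
{
    char out[RESOLVED_MAX];
    return normalize_path(in, out) == 0 && strcmp(out, want) == 0;
}

/* Constructed input "/aaa.../bbb..." (two separators, as in the advisory)
 * whose resolved length is want_len, written into a buffer followed by a
 * canary byte. Returns 0 if the canary was clobbered, 1 if the path was
 * rejected with ENAMETOOLONG and the canary survived, 2 if it was accepted
 * at the expected length and the canary survived, -1 otherwise. */
int boundary_probe(size_t want_len)
{
    struct { char buf[RESOLVED_MAX]; unsigned char canary; } r;
    static char path[RESOLVED_MAX + 64];
    size_t a, b;
    int rc, err;

    if (want_len < 3 || want_len >= sizeof path)
        return -1;
    a = (want_len - 2) / 2;
    b = want_len - 2 - a;
    path[0] = '/';
    memset(path + 1, 'a', a);
    path[1 + a] = '/';
    memset(path + 2 + a, 'b', b);
    path[want_len] = '\0';

    r.canary = 0xA5;
    rc = normalize_path(path, r.buf);
    err = (rc < 0) ? errno : 0;
    if (r.canary != 0xA5)
        return 0;                                /* one-byte overwrite detected */
    if (rc < 0)
        return (err == ENAMETOOLONG) ? 1 : -1;
    return (strlen(r.buf) == want_len) ? 2 : -1;
}

int main(void)
{
    printf("1023 chars: %d (expect 2)\n", boundary_probe(1023));
    printf("1024 chars: %d (expect 1)\n", boundary_probe(1024));
    printf("lexical clean-up ok: %d\n", normalizes_to("/usr/./lib/../bin//ls", "/usr/bin/ls"));
    return 0;
}
```

A resolved length of 1023 is the largest that fits with its NUL, so the probe accepts it; 1024 is the exact case from the advisory and is refused with ENAMETOOLONG while the canary stays intact. Flipping the guard to `>` reproduces the advisory's one-NUL overwrite, which the canary then reports as a return value of 0.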