diff options
Diffstat (limited to 'share/security/advisories/FreeBSD-SA-01:17.exmh.asc')
-rw-r--r-- | share/security/advisories/FreeBSD-SA-01:17.exmh.asc | 96 |
1 files changed, 0 insertions, 96 deletions
diff --git a/share/security/advisories/FreeBSD-SA-01:17.exmh.asc b/share/security/advisories/FreeBSD-SA-01:17.exmh.asc deleted file mode 100644 index 0a818b8f7a..0000000000 --- a/share/security/advisories/FreeBSD-SA-01:17.exmh.asc +++ /dev/null @@ -1,96 +0,0 @@ ------BEGIN PGP SIGNED MESSAGE----- - -============================================================================= -FreeBSD-SA-01:17 Security Advisory - FreeBSD, Inc. - -Topic: exmh symlink vulnerability - -Category: ports -Module: exmh2 -Announced: 2001-01-29 -Credits: Stanley G. Bubrouski <stan@CCS.NEU.EDU> -Affects: Ports collection prior to the correction date. -Corrected: 2001-01-22 -Vendor status: Updated version released -FreeBSD only: No - -I. Background - -exmh is a tcl/tk based interface to the mh mail user agent. - -II. Problem Description - -The exmh2 port, versions prior to 2.3.1, contains a local -vulnerability: at startup, if exmh detects a problem in its code or -configuration an error dialog appears giving the user an option to -fill in a bug report and email it to the maintainer. If the user -agrees to mail the maintainer a file named /tmp/exmhErrorMsg is -created. If the file exists and is a symlink, it will follow the -link, allowing local files writable by the user to be overwritten. - -The exmh2 port is not installed by default, nor is it "part of -FreeBSD" as such: it is part of the FreeBSD ports collection, which -contains over 4500 third-party applications in a ready-to-install -format. The ports collections shipped with FreeBSD 3.5.1 and 4.2 -contain this problem since it was discovered after the releases. - -FreeBSD makes no claim about the security of these third-party -applications, although an effort is underway to provide a security -audit of the most security-critical ports. - -III. Impact - -Malicious local users may cause arbitrary files writable by the user -running exmh to be overwritten, in certain restricted situations. - -If you have not chosen to install the exmh2 port/package, then your -system is not vulnerable to this problem. - -IV. Workaround - -Deinstall the exmh2 port/package, if you have installed it. - -V. Solution - -One of the following: - -1) Upgrade your entire ports collection and rebuild the exmh2 port. - -2) Deinstall the old package and install a new package dated after the -correction date, obtained from: - -ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-3-stable/mail/exmh-2.3.1.tgz -ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-4-stable/mail/exmh-2.3.1.tgz -ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-5-current/mail/exmh-2.3.1.tgz - -[alpha] -Packages are not automatically generated for the alpha architecture at -this time due to lack of build resources. - -3) download a new port skeleton for the exmh2 port from: - -http://www.freebsd.org/ports/ - -and use it to rebuild the port. - -4) Use the portcheckout utility to automate option (3) above. The -portcheckout port is available in /usr/ports/devel/portcheckout or the -package can be obtained from: - -ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-3-stable/devel/portcheckout-2.0.tgz -ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-4-stable/devel/portcheckout-2.0.tgz -ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/alpha/packages-4-stable/devel/portcheckout-2.0.tgz -ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-5-current/devel/portcheckout-2.0.tgz -ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/alpha/packages-5-current/devel/portcheckout-2.0.tgz - ------BEGIN PGP SIGNATURE----- -Version: GnuPG v1.0.4 (FreeBSD) -Comment: For info see http://www.gnupg.org - -iQCVAwUBOnXiAVUuHi5z0oilAQFN1QP/Y8TNT5P86VCujRk704GXV9Lxw4W6+lgZ -s6wmSPnm8BmO/MZo4RZ+snZToo9lZWEbgU490LU7sUjy8ehMiP6F2OpViuFT76ug -INFou7NHIAmMre2iFzyy6pcsLttX0emc02qUiEPDCLXrgF0BvhbqC3myXsbUzrpJ -srN7OD3Y8l4= -=1966 ------END PGP SIGNATURE----- |