1 files changed, 0 insertions, 143 deletions
diff --git a/share/security/advisories/FreeBSD-SA-06:10.nfs.asc b/share/security/advisories/FreeBSD-SA-06:10.nfs.asc
deleted file mode 100644
index 9eee448f2b..0000000000
--- a/share/security/advisories/FreeBSD-SA-06:10.nfs.asc
+++ /dev/null
@@ -1,143 +0,0 @@
------BEGIN PGP SIGNED MESSAGE-----
-Hash: SHA1
-
-=============================================================================
-FreeBSD-SA-06:10.nfs                                        Security Advisory
-                                                          The FreeBSD Project
-
-Topic:          Remote denial of service in NFS server
-
-Category:       core
-Module:         sys_nfsserver
-Announced:      2006-03-01
-Credits:        Evgeny Legerov
-Affects:        All FreeBSD releases.
-Corrected:      2006-03-01 14:18:11 UTC (RELENG_6, 6.1-PRERELEASE)
-                2006-03-01 14:18:46 UTC (RELENG_6_0, 6.0-RELEASE-p5)
-                2006-03-01 14:19:48 UTC (RELENG_5, 5.5-PRERELEASE)
-                2006-03-01 14:21:01 UTC (RELENG_5_4, 5.4-RELEASE-p12)
-                2006-03-01 14:24:52 UTC (RELENG_5_3, 5.3-RELEASE-p27)
-                2006-03-01 14:21:56 UTC (RELENG_4, 4.11-STABLE)
-                2006-03-01 14:22:30 UTC (RELENG_4_11, 4.11-RELEASE-p15)
-                2006-03-01 14:23:07 UTC (RELENG_4_10, 4.10-RELEASE-p21)
-CVE Name:       CVE-2006-0900
-
-For general information regarding FreeBSD Security Advisories,
-including descriptions of the fields above, security branches, and the
-following sections, please visit
-<URL:http://www.freebsd.org/security/>.
-
-I.   Background
-
-The Network File System (NFS) allows a host to export some or all of
-its filesystems so that other hosts can access them over the network
-and mount them as if they were on local disks.  NFS is built on top of
-the Sun Remote Procedure Call (RPC) framework.
-
-II.  Problem Description
-
-A part of the NFS server code charged with handling incoming RPC
-messages via TCP had an error which, when the server received a
-message with a zero-length payload, would cause a NULL pointer
-dereference which results in a kernel panic.  The kernel will only
-process the RPC messages if a userland nfsd daemon is running.
-
-III. Impact
-
-The NULL pointer deference allows a remote attacker capable of sending
-RPC messages to an affected FreeBSD system to crash the FreeBSD system.
-
-IV.  Workaround
-
-1) Disable the NFS server: set the nfs_server_enable variable to "NO"
-   in /etc/rc.conf, and reboot.
-
-   Alternatively, if there are no active NFS clients (as listed by the
-   showmount(8) utility), simply killing the mountd and nfsd processes
-   should suffice.
-
-2) Add firewall rules to block RPC traffic to the NFS server from
-   untrusted hosts.
-
-V.   Solution
-
-Perform one of the following:
-
-1) Upgrade your vulnerable system to 4-STABLE, 5-STABLE, or 6-STABLE,
-or to the RELENG_6_0, RELENG_5_4, RELENG_5_3, RELENG_4_11, or
-RELENG_4_10 security branch dated after the correction date.
-
-2) To patch your present system:
-
-The following patches have been verified to apply to FreeBSD 4.10,
-4.11, 5.3, 5.4, and 6.0 systems.
-
-a) Download the relevant patch from the location below, and verify the
-detached PGP signature using your PGP utility.
-
-[FreeBSD 4.x]
-# fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-06:10/nfs4.patch
-# fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-06:10/nfs4.patch.asc
-
-[FreeBSD 5.x and 6.x]
-# fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-06:10/nfs.patch
-# fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-06:10/nfs.patch.asc
-
-b) Apply the patch.
-
-# cd /usr/src
-# patch < /path/to/patch
-
-c) Recompile your kernel as described in
-<URL:http://www.freebsd.org/handbook/kernelconfig.html> and reboot the
-system.
-
-VI.  Correction details
-
-The following list contains the revision numbers of each file that was
-corrected in FreeBSD.
-
-Branch                                                           Revision
-  Path
-- -------------------------------------------------------------------------
-RELENG_4
-  src/sys/nfs/nfs_socket.c                                       1.60.2.7
-RELENG_4_11
-  src/UPDATING                                             1.73.2.91.2.16
-  src/sys/conf/newvers.sh                                  1.44.2.39.2.19
-  src/sys/nfs/nfs_socket.c                                   1.60.2.6.6.1
-RELENG_4_10
-  src/UPDATING                                             1.73.2.90.2.22
-  src/sys/conf/newvers.sh                                  1.44.2.34.2.23
-  src/sys/nfs/nfs_socket.c                                   1.60.2.6.4.1
-RELENG_5
-  src/sys/nfsserver/nfs_srvsock.c                                1.92.2.2
-RELENG_5_4
-  src/UPDATING                                            1.342.2.24.2.21
-  src/sys/conf/newvers.sh                                  1.62.2.18.2.17
-  src/sys/nfsserver/nfs_srvsock.c                            1.92.2.1.2.1
-RELENG_5_3
-  src/UPDATING                                            1.342.2.13.2.30
-  src/sys/conf/newvers.sh                                  1.62.2.15.2.32
-  src/sys/nfsserver/nfs_srvsock.c                                1.92.4.1
-RELENG_6
-  src/sys/nfsserver/nfs_srvsock.c                                1.94.2.1
-RELENG_6_0
-  src/UPDATING                                             1.416.2.3.2.10
-  src/sys/conf/newvers.sh                                    1.69.2.8.2.6
-  src/sys/nfsserver/nfs_srvsock.c                                1.94.4.1
-- -------------------------------------------------------------------------
-
-VII. References
-
-http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0900
-
-The latest revision of this advisory is available at
-ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:10.nfs.asc
------BEGIN PGP SIGNATURE-----
-Version: GnuPG v1.4.2 (FreeBSD)
-
-iD8DBQFEBbOIFdaIBMps37IRAgmUAJ0fYEjr1gk8KpHGbcmhpPwh+GqI3ACcDH5X
-dN3ngWsO1Z91GdTjJe0e7VE=
-=GCDX
------END PGP SIGNATURE-----