diff options
Diffstat (limited to 'share/security/advisories/FreeBSD-SA-19:12.telnet.asc')
-rw-r--r-- | share/security/advisories/FreeBSD-SA-19:12.telnet.asc | 136 |
1 files changed, 0 insertions, 136 deletions
diff --git a/share/security/advisories/FreeBSD-SA-19:12.telnet.asc b/share/security/advisories/FreeBSD-SA-19:12.telnet.asc deleted file mode 100644 index 158923aef2..0000000000 --- a/share/security/advisories/FreeBSD-SA-19:12.telnet.asc +++ /dev/null @@ -1,136 +0,0 @@ ------BEGIN PGP SIGNED MESSAGE----- -Hash: SHA512 - -============================================================================= -FreeBSD-SA-19:12.telnet Security Advisory - The FreeBSD Project - -Topic: telnet(1) client multiple vulnerabilities - -Category: contrib -Module: contrib/telnet -Announced: 2019-07-24 -Credits: Juniper Networks -Affects: All supported versions of FreeBSD. -Corrected: 2019-07-19 15:37:29 UTC (stable/12, 12.0-STABLE) - 2019-07-24 12:51:52 UTC (releng/12.0, 12.0-RELEASE-p8) - 2019-07-19 15:27:53 UTC (stable/11, 11.2-STABLE) - 2019-07-24 12:51:52 UTC (releng/11.2, 11.2-RELEASE-p12) - 2019-07-24 12:51:52 UTC (releng/11.3, 11.3-RELEASE-p1) -CVE Name: CVE-2019-0053 - -For general information regarding FreeBSD Security Advisories, -including descriptions of the fields above, security branches, and the -following sections, please visit <URL:https://security.FreeBSD.org/>. - -I. Background - -The telnet(1) command is a TELNET protocol client, used primarily to -establish terminal sessions across a network. - -II. Problem Description - -Insufficient validation of environment variables in the telnet client -supplied in FreeBSD can lead to stack-based buffer overflows. A stack- -based overflow is present in the handling of environment variables when -connecting via the telnet client to remote telnet servers. - -This issue only affects the telnet client. Inbound telnet sessions to -telnetd(8) are not affected by this issue. - -III. Impact - -These buffer overflows may be triggered when connecting to a malicious -server, or by an active attacker in the network path between the client -and server. Specially crafted TELNET command sequences may cause the -execution of arbitrary code with the privileges of the user invoking -telnet(1). - -IV. Workaround - -Do not use telnet(1) to connect to untrusted machines or over an -untrusted network. - -V. Solution - -Upgrade your vulnerable system to a supported FreeBSD stable or -release / security branch (releng) dated after the correction date. - -Perform one of the following: - -1) To update your vulnerable system via a binary patch: - -Systems running a RELEASE version of FreeBSD on the i386 or amd64 -platforms can be updated via the freebsd-update(8) utility: - -# freebsd-update fetch -# freebsd-update install - -2) To update your vulnerable system via a source code patch: - -The following patches have been verified to apply to the applicable -FreeBSD release branches. - -a) Download the relevant patch from the location below, and verify the -detached PGP signature using your PGP utility. - -# fetch https://security.FreeBSD.org/patches/SA-19:12/telnet.patch -# fetch https://security.FreeBSD.org/patches/SA-19:12/telnet.patch.asc -# gpg --verify telnet.patch.asc - -b) Apply the patch. Execute the following commands as root: - -# cd /usr/src -# patch < /path/to/patch - -c) Recompile the operating system using buildworld and installworld as -described in <URL:https://www.FreeBSD.org/handbook/makeworld.html>. - -VI. Correction details - -The following list contains the correction revision numbers for each -affected branch. - -Branch/path Revision -- ------------------------------------------------------------------------- -stable/12/ r350139 -releng/12.0/ r350281 -stable/11/ r350140 -releng/11.2/ r350281 -releng/11.3/ r350281 -- ------------------------------------------------------------------------- - -To see which files were modified by a particular revision, run the -following command, replacing NNNNNN with the revision number, on a -machine with Subversion installed: - -# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base - -Or visit the following URL, replacing NNNNNN with the revision number: - -<URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN> - -VII. References - -<URL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0053> - -The latest revision of this advisory is available at -<URL:https://security.FreeBSD.org/advisories/FreeBSD-SA-19:12.telnet.asc> ------BEGIN PGP SIGNATURE----- - -iQKTBAEBCgB9FiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAl04WltfFIAAAAAALgAo -aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEZD -MEU4NzhBRTVBRkU3ODgwMjhENjM1NUQzOTc5MkY0OUVBN0U1QzIACgkQ05eS9J6n -5cLOzA//YxRZNUr+d8B+t6DnBUbVvthJiY9sQ1YPXUIJmp4QA7wvXr5UjURw+6qv -raxEp6JmF06wZK4RjeIFckQD6s2wnjO5VHO80Zbs0nD4NejQGeDAIlVdKqofOtJv -bBQNSY3vPAtumyfElc+N19rKetAjGbsUjOMbn87GlWrit4lqcavBQsdmSlQB5gVA -dFAFsVxr+ujjATnrCmIpFiaDk0unyJ7Gtz7jiM9I8xZueJtM49/9kNCFFLKCMUl8 -HpB2k0cb18GVNJoKtzo1nELOM/oIJVO5HZt1fmYG/RgeL1BSyzg4q/5jXJQopJ2h -Qax7fmMP+RpGGrfp9Uom63tj79eQk2NirpUtfAaYkfGKzj6fNcq/7jxZfbobx0R8 -uTiF88mlv2/SGxpo11Z/QBqOSYTQtjDRYJvjCo77g7YW8HauECC3tiklpPfFOIO8 -m5qNOORKI74Do377GBF3gxDF2T8ILwj1j7nKHf3apotvQXJkkbpWBG7ADRTFcZWd -PMKdYiDPHV33YmCAg9tOAqV4O7TvaB07ZLKiI6kuSBtPVrazB8Az/oRJwfF6JQ6g -4ZdinyCrXWYrWslkW8402GKCERFFYJUvwLSUqHxYMRgZWPy9zf/mH56vh4bleYnP -kz2X7OgtB3Juu0Uzwv927+KZuyzitniaPlLe9tsyBwXFbUM+BrY= -=LWVf ------END PGP SIGNATURE----- |