In port net/freebsd-uucp: When compiled with PAM, uucpd shows the following bug: if the user specified on the command line is unknown, getpwnam() returns NULL; then auth_pam() tries to extract pw->pw_name and gets SIGSEGV. gdb'ing the core file shows:

    #0  0x08049778 in auth_pam () at uucpd.c:354
    354             cred_t auth_cred = { pw->pw_name, passwd };
    (gdb) p pw
    $1 = (struct passwd *) 0x0

This isn't a kind of security problem but is rather annoying.

Fix: Patch uucpd.c (I don't know whether it is better to patch via the port system or in the repository) with the following patch. I also added sleep(3) on bad login according to common practice.

How-To-Repeat: Compile and install the port, start uucpd from inetd or the command line, enter an unknown user and an arbitrary password.
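The failure mode reported above, with the lookup result checked before it is dereferenced, as an added example that is not taken from uucpd.c or from the submitted patch. The names `login_check`, `uucp_cred`, `verify_fn`, `demo_verify` and `fail_delay` are hypothetical, and the delay length is an assumption.

```c
#include <pwd.h>
#include <stddef.h>
#include <string.h>
#include <unistd.h>

/* Shaped after the backtrace line: { pw->pw_name, passwd } */
typedef struct { const char *uname; const char *pass; } uucp_cred;
typedef int (*verify_fn)(const uucp_cred *);  /* stands in for the PAM exchange */

enum { LOGIN_OK = 0, LOGIN_FAIL = -1 };
static unsigned fail_delay = 3;               /* seconds; value is an assumption */

/* Constructed verifier for the demo: accepts one fixed sample password. */
static int demo_verify(const uucp_cred *c)
{
    return strcmp(c->pass, "constructed-secret") == 0 ? 0 : -1;
}

int login_check(const char *user, const char *passwd, verify_fn verify)
{
    struct passwd *pw;

    if (user == NULL || passwd == NULL || verify == NULL)
        return LOGIN_FAIL;

    pw = getpwnam(user);                      /* NULL when the user is unknown */
    if (pw != NULL) {
        uucp_cred cred = { pw->pw_name, passwd };  /* safe: pw checked first */
        if (verify(&cred) == 0)
            return LOGIN_OK;
    }
    /* Unknown user and wrong password share one exit: same result, same delay. */
    if (fail_delay > 0)
        sleep(fail_delay);
    return LOGIN_FAIL;
}

int main(void)
{
    fail_delay = 0;                           /* skip the delay in the demo run */
    /* Constructed user name that should not exist on the system. */
    return login_check("no-such-user-constructed", "constructed-secret",
                       demo_verify) == LOGIN_FAIL ? 0 : 1;
}
```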
Responsible Changed
From-To: freebsd-ports-bugs->dinoex

Over to maintainer

State Changed
From-To: open->analyzed

- path in patch was wrong, it does now apply cleanly
dinoex 2007-09-10 09:16:23 UTC

FreeBSD ports repository

Modified files:
  net/freebsd-uucp Makefile distinfo
Removed files:
  net/freebsd-uucp/files patch-uucico-Makefile

Log:
- update to 1.07.3
  fix linking with option ENCRYPTED_PASSWORDS
  fix traps with PAM and unknown user

PR: 115765
Submitted by: Valentin Nechayev

Revision  Changes  Path
1.43      +1 -1    ports/net/freebsd-uucp/Makefile
1.18      +3 -3    ports/net/freebsd-uucp/distinfo
1.2       +0 -13   ports/net/freebsd-uucp/files/patch-uucico-Makefile (dead)
State Changed
From-To: analyzed->closed

committed, thanks.