FreeBSD Bugzilla – Attachment 60522 Details for
Bug 90813
[Maintainer update] shells/scponly: Update to 4.2 (with security fixes)
[patch]
file.diff
file.diff (text/plain), 2.47 KB, created by
Hideyuki KURASHINA
on 2005-12-22 15:40:03 UTC
>Index: vuln.xml >=================================================================== >RCS file: /home/ncvs/ports/security/vuxml/vuln.xml,v >retrieving revision 1.907 >diff -u -u -r1.907 vuln.xml >--- vuln.xml 19 Dec 2005 15:14:33 -0000 1.907 >+++ vuln.xml 22 Dec 2005 15:24:32 -0000 
>@@ -34,6 +34,54 @@ > > --> > <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> >+ <vuln vid="b5a49db7-72fc-11da-9827-021106004fd6"> >+ <topic>scponly -- local privilege escalation exploits</topic> >+ <affects> >+ <package> >+ <name>scponly</name> >+ <range><lt>4.2</lt></range> >+ </package> >+ </affects> >+ <description> >+ <body xmlns="http://www.w3.org/1999/xhtml"> >+ <p>Max Vozeler reports:</p> >+ <blockquote cite="https://lists.ccs.neu.edu/pipermail/scponly/2005-December/001027.html"> >+ <p>If ALL the following conditions are true, administrators using >+ scponly-4.1 or older may be at risk of a local privilege >+ escalation exploit:</p> >+ <ul> >+ <li>the chrooted setuid scponlyc binary is installed</li> >+ <li>regular non-scponly users have interactive shell access >+ to the box</li> >+ <li>a user executable dynamically linked setuid binary >+ (such as ping) exists on the same file system mount >+ as the user's home directory</li> >+ <li>the operating system supports an LD_PRELOAD style >+ mechanism to overload dynamic library loading</li> >+ </ul> >+ </blockquote> >+ <p>Pekka Pessi also reports:</p> >+ <blockquote cite="https://lists.ccs.neu.edu/pipermail/scponly/2005-December/001027.html"> >+ <p>If ANY the following conditions are true, administrators >+ using scponly-4.1 or older may be at risk of a local privilege >+ escalation exploit:</p> >+ <ul> >+ <li>scp compatibility is enabled</li> >+ <li>rsync compatibility is enabled</li> >+ </ul> >+ </blockquote> >+ </body> >+ </description> >+ <references> >+ <url>https://lists.ccs.neu.edu/pipermail/scponly/2005-December/001027.html</url> >+ <url>http://sublimation.org/scponly/#relnotes</url> >+ </references> >+ <dates> >+ <discovery>2005-12-21</discovery> >+ <entry>2005-12-22</entry> >+ </dates> >+ </vuln> >+ > <vuln vid="f7eb0b23-7099-11da-a15c-0060084a00e5"> > <topic>fetchmail -- null pointer dereference in multidrop mode with > headerless email</topic>
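Review bot: The `<topic>` in the new scponly entry reads "local privilege escalation exploits", which names exploits rather than the flaw being recorded; something like "scponly -- local privilege escalation vulnerabilities" would describe the entry more accurately. The entry also folds two separate reports (Max Vozeler's setuid scponlyc / LD_PRELOAD conditions and Pekka Pessi's scp and rsync compatibility conditions) into one `<vuln>` with the same `cite` URL on both blockquotes. That is fine if both come from the one announcement, but a short sentence in the body saying so would help readers who follow the link. In the second blockquote, "If ANY the following conditions" is missing "of"; keep it only if it is verbatim from the cited message. The `<references>` block has two `<url>` elements and no `<cvename>`; if CVE names have been assigned for these issues, add them here. The `<range><lt>4.2</lt></range>` bound is consistent with the quoted "scponly-4.1 or older".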
Attachments on
bug 90813
:
60521
| 60522