Bug 82101

Summary: security vulerability in sysutils/nwclient(602)
Product: Ports & Packages Reporter: Derik van Zuetphen <dz>
Component: Individual Port(s)Assignee: niels <niels>
Status: Closed FIXED    
Severity: Affects Only Me    
Priority: Normal    
Version: Latest   
Hardware: Any   
OS: Any   

Description Derik van Zuetphen 2005-06-10 09:40:15 UTC 
	sysutils/nwclient602 and sysutils/nwclient have multiple security 
	vulnerabilities according to
		http://www3.ca.com/securityadvisor/vulninfo/Vuln.aspx?ID=4666

	this should either be updated or mentioned in the VuXML database.
Comment 1 niels freebsd_committer freebsd_triage 2005-06-15 08:23:29 UTC 
Responsible Changed
From-To: freebsd-ports-bugs->	 niels

Thanks, I'll look into this. 

The first problem I already ran into is that recent versions 
of this software don't seem to be freely available anymore. In 
fact, after filling in an evaluation form I didn't get the expected 
download link, I got the following: 

### START 
A sales representative will contact you shortly with download 
instructions for your primary request, as well as any additional 
products you would like to evaluate. 
### STOP 

I'll keep you posted. 

Niels
Comment 2 Derik van Zuetphen 2005-06-16 17:20:34 UTC 
Hi Niels,

as far as I see, the FreeBSD version was made be a company named Feral
(http://www.feral.com), which does not exist anymore.

But you can download the Linux version from
http://www.legato.com/support/websupport/patches_updates/networker.htm

Unfortunately, it doesn't work. The Networker savefs binary produces
no result, when it is called by the server with argument "-p".

Unless nobody can make the Linux version work, I don't see the
possibility of an update. 

But the two nwclient ports should still be marked as vulnerable.


-Derik.
Comment 3 niels freebsd_committer freebsd_triage 2005-07-18 14:02:57 UTC 
State Changed
From-To: open->	 closed



VuXMLwas comitted last week. In addition the ports have been makred forbidden. 

Tnx! 

Niels