[FUGSPBR] FreeBSD IPFW Me Point To Point Interface Address Addition Vulnerability

Andrés Alejandro Luengo González andres.alejandro em sfw.com.br
Seg Ago 20 17:05:14 BRT 2001


FreeBSD is a freely available BSD-based UNIX Operating System
distributed and maintained by the FreeBSD Project.

When ipfw is used with the "me" identifier on a point to point
interface, it may result in access to the local host by the remote end
of the link. When the "me" identifier is used on the link, ipfw issues
the same rules for the remote end of the link. This could allow
unintended access to the local system by a remote host, and could lead
to potential compromise of local resources.

A patch is available.

FreeBSD FreeBSD 4.3-STABLE:

FreeBSD patch ipfw.patch
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/patches/SA-01:53/ipfw.patch

FreeBSD FreeBSD 4.3-RELEASE:

FreeBSD patch ipfw.patch
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/patches/SA-01:53/ipfw.patch
 

Source: http://www.securityfocus.com
----
Para sair da lista envie um e-mail para majordomo em fugspbr.org
com as palavras "unsubscribe fugspbr" no corpo da mensagem.



Mais detalhes sobre a lista de discussão freebsd