FreeBSD Security Advisory



II. Problem Description
There are two documented methods of restricting access to NIS maps through ypserv(8): through the use of the /var/yp/securenets file, and through the /etc/hosts.allow file. While both mechanisms are implemented in the server, a change in the build process caused the “securenets" access restrictions to be inadvertantly disabled.

III. Impact
ypserv(8) will not load or process any of the networks or hosts specified in the /var/yp/securenets file, rendering those access controls ineffective.


II. Problem Description
smbfs does not properly sanitize paths containing a backslash character; in particular the directory name ‘..\’ is interpreted as the parent directory by the SMB/CIFS server, but smbfs handles it in the same manner as any other directory.

III. Impact
When inside a chroot environment which resides on a smbfs mounted file-system it is possible for an attacker to escape out of this chroot to any other directory on the smbfs mounted file-system.

嗯, 之前的 Security Advisory 都是連到 ftp, 現在改到 web 了呀.


Technorati Tags: , , , , ,

No Responses Yet to “FreeBSD Security Advisory”

  1. 發表迴響


在下方填入你的資料或按右方圖示以社群網站登入: 標誌

您的留言將使用 帳號。 登出 /  變更 )

Google photo

您的留言將使用 Google 帳號。 登出 /  變更 )

Twitter picture

您的留言將使用 Twitter 帳號。 登出 /  變更 )


您的留言將使用 Facebook 帳號。 登出 /  變更 )

連結到 %s

%d 位部落客按了讚: