RE: [security-alerts] FW: [SA21587] FreeBSD "ppp" Buffer Overflow Vulnerability

["Kazennov, Vladimir" <Vladimir.Kazennov@xxxxxxxxxx>]

> -----Original Message-----
> From: 3APA3A [mailto:3APA3A@xxxxxxxxxxxxxxxx] 
> Sent: Friday, August 25, 2006 1:43 PM
> To: Kazennov, Vladimir
> Cc: security-alerts@xxxxxxxxxxxxxx
> Subject: Re: [security-alerts] FW: [SA21587] FreeBSD "ppp" 
> Buffer Overflow Vulnerability
> 
> Dear Kazennov, Vladimir,
> 
> Ну  к  безопасности  почты  оно  слабо,  потому  как  
> во-первых атака на
 Ну, может быть, я не прав в отношении тематики листа, но я посылаю туда 
информацию об уязвимостях общего характера и популярных приложений (не только 
почты).
> канальном  уровне,  а  во-вторых, по-моему, еще и только 
> против клиента.
> Т.е. поломать можно диалапного клиента со стороны провайдера.
 У меня под руками нет FreeBSD - значит, я перепутал ppp и pppd.
 
> 
> --Friday, August 25, 2006, 11:35:32 AM, you wrote to 
> security-alerts@xxxxxxxxxxxxxx:
> 
> >> 
> >> TITLE:
> >> FreeBSD "ppp" Buffer Overflow Vulnerability
> >> 
> >> SECUNIA ADVISORY ID:
> >> SA21587
> >> 
> >> VERIFY ADVISORY:
> >> http://secunia.com/advisories/21587/
> >> 
> >> CRITICAL:
> >> Moderately critical
> >> 
> >> IMPACT:
> >> Exposure of sensitive information, DoS, System access
> >> 
> >> WHERE:
> >> From remote
> >> 
> >> OPERATING SYSTEM:
> >> FreeBSD 6.x
> >> http://secunia.com/product/6778/
> >> FreeBSD 5.x
> >> http://secunia.com/product/1132/
> >> FreeBSD 4.x
> >> http://secunia.com/product/139/
> >> 
> >> DESCRIPTION:
> >> A vulnerability has been reported in FreeBSD, which can be 
> exploited
> >> by malicious people to cause a DoS (Denial of Service), gain
> >> knowledge about potentially sensitive information, and compromise a
> >> vulnerable system.
> >> 
> >> The vulnerability is caused due to boundary errors within the ppp
> >> driver when processing LCP (Link Control Protocol) options 
> and can be
> >> exploited by sending specially crafted LCP packets.
> >> 
> >> The vulnerability has been reported for all FreeBSD releases.
> >> 
> >> SOLUTION:
> >> Update FreeBSD or apply patch.
> >> 
> >> Fixed versions:
> >> 2006-08-23 22:01:44 UTC (RELENG_6, 6.1-STABLE)
> >> 2006-08-23 22:02:25 UTC (RELENG_6_1, 6.1-RELEASE-p4)
> >> 2006-08-23 22:02:52 UTC (RELENG_6_0, 6.0-RELEASE-p10)
> >> 2006-08-23 22:03:55 UTC (RELENG_5, 5.5-STABLE)
> >> 2006-08-23 22:04:28 UTC (RELENG_5_5, 5.5-RELEASE-p3)
> >> 2006-08-23 22:04:58 UTC (RELENG_5_4, 5.4-RELEASE-p17)
> >> 2006-08-23 22:05:49 UTC (RELENG_5_3, 5.3-RELEASE-p32)
> >> 2006-08-23 22:06:08 UTC (RELENG_4, 4.11-STABLE)
> >> 2006-08-23 22:06:40 UTC (RELENG_4_11, 4.11-RELEASE-p20)
> >> 
> >> Patch for FreeBSD 4.x:
> >> http://security.FreeBSD.org/patches/SA-06:18/ppp4x.patch
> >> http://security.FreeBSD.org/patches/SA-06:18/ppp4x.patch.asc
> >> 
> >> Patch for FreeBSD 5.3:
> >> http://security.FreeBSD.org/patches/SA-06:18/ppp53.patch
> >> http://security.FreeBSD.org/patches/SA-06:18/ppp53.patch.asc
> >> 
> >> Patch for FreeBSD 5.4, 5.5, and 6.x:
> >> http://security.FreeBSD.org/patches/SA-06:18/ppp.patch
> >> http://security.FreeBSD.org/patches/SA-06:18/ppp.patch.asc
> >> 
> >> PROVIDED AND/OR DISCOVERED BY:
> >> The vendor credits Martin Husemann and Pavel Cahyna.
> >> 
> >> ORIGINAL ADVISORY:
> >> http://security.freebsd.org/advisories/FreeBSD-SA-06:18.ppp.asc
> >> 
> 
> 
> 
> -- 
> ~/ZARAZA
> Клянусь лысиной пророка Моисея - я тебя сейчас съем. (Твен)
> 
>