>Number: 188432 >Category: kern >Synopsis: MITM attacks against portsnap mirrors (pmirror.sh) >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Thu Apr 10 16:30:01 UTC 2014 >Closed-Date: >Last-Modified: >Originator: David Noel >Release: 9.2 >Organization: >Environment: >Description: The portsnap mirroring script pmirror.sh lacks of any sort of mechanism to verify fetched data prior to processing and mirroring it. Without this, mirrors are open to compromise via decompression library exploitation. It also means an attacker could feed a mirror a corrupt archive, opening users of that mirror to compromise. >How-To-Repeat:
>Fix: Solution summary: The addition of hashes and hash verification code to pmirror.sh. The lines of concern in pmirror.sh are 99-103, 121-125, 138-149, and 153-157. >Release-Note: >Audit-Trail: >Unformatted: _______________________________________________ freebsd-bugs@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-bugs To unsubscribe, send any mail to "freebsd-bugs-unsubscr...@freebsd.org"
