Aproveitando .. Se eu baixar o FreeBSD da pagina oficial, ele ja vem com essa correção ou não..
Márcio 2007/5/23, irado furioso com tudo <[EMAIL PROTECTED]>: > > bem.. se todo mundo já souber, esqueçam e desculpem > > > Iníciando encaminhamento de mensagem: > > Data: Wed, 23 May 2007 16:19:55 GMT > De: FreeBSD Security Advisories <[EMAIL PROTECTED]> > Para: Bugtraq <[EMAIL PROTECTED]> > Assunto: FreeBSD Security Advisory FreeBSD-SA-07:04.file > > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > ============================================================================= > FreeBSD-SA-07:04.file Security > Advisory The FreeBSD Project > > Topic: Heap overflow in file(1) > > Category: contrib > Module: file > Announced: 2007-05-23 > Affects: All FreeBSD releases. > Corrected: 2007-05-23 16:12:51 UTC (RELENG_6, 6.2-STABLE) > 2007-05-23 16:13:07 UTC (RELENG_6_2, 6.2-RELEASE-p5) > 2007-05-23 16:13:20 UTC (RELENG_6_1, 6.1-RELEASE-p17) > 2007-05-23 16:12:10 UTC (RELENG_5, 5.5-STABLE) > 2007-05-23 16:12:35 UTC (RELENG_5_5, 5.5-RELEASE-p13) > CVE Name: CVE-2007-1536 > > For general information regarding FreeBSD Security Advisories, > including descriptions of the fields above, security branches, and the > following sections, please visit <URL:http://security.FreeBSD.org/>. > > I. Background > > The file(1) utility attempts to classify file system objects based on > filesystem, magic number and language tests. > > The libmagic(3) library provides most of the functionality of file(1) > and may be used by other applications. > > II. Problem Description > > When writing data into a buffer in the file_printf function, the length > of the unused portion of the buffer is not correctly tracked, resulting > in a buffer overflow when processing certain files. > > III. Impact > > An attacker who can cause file(1) to be run on a maliciously constructed > input can cause file(1) to crash. It may be possible for such an > attacker to execute arbitrary code with the privileges of the user > running file(1). > > The above also applies to any other applications using the libmagic(3) > library. > > IV. Workaround > > No workaround is available, but systems where file(1) and other > libmagic(3)-using applications are never run on untrusted input are not > vulnerable. > > V. Solution > > Perform one of the following: > > 1) Upgrade your vulnerable system to 5-STABLE, or 6-STABLE, or to the > RELENG_6_2, RELENG_6_1, or RELENG_5_5 security branch dated after the > correction date. > > 2) To patch your present system: > > The following patches have been verified to apply to FreeBSD 5.5, 6.1, > and 6.2 systems. > > a) Download the relevant patch from the location below, and verify the > detached PGP signature using your PGP utility. > > [FreeBSD 5.5] > # fetch http://security.FreeBSD.org/patches/SA-07:04/file5.patch > # fetch http://security.FreeBSD.org/patches/SA-07:04/file5.patch.asc > > [FreeBSD 6.1 and 6.2] > # fetch http://security.FreeBSD.org/patches/SA-07:04/file6.patch > # fetch http://security.FreeBSD.org/patches/SA-07:04/file6.patch.asc > > b) Execute the following commands as root: > > # cd /usr/src > # patch < /path/to/patch > # cd /usr/src/lib/libmagic > # make obj && make depend && make && make install > > VI. Correction details > > The following list contains the revision numbers of each file that was > corrected in FreeBSD. > > Branch > Revision Path > - > ------------------------------------------------------------------------- > RELENG_5 src/contrib/file/file.h > 1.1.1.7.2.1 src/contrib/file/funcs.c > 1.1.1.1.2.1 src/contrib/file/magic.c > 1.1.1.1.2.1 RELENG_5_5 > src/UPDATING > 1.342.2.35.2.13 > src/sys/conf/newvers.sh 1.62.2.21.2.15 > src/contrib/file/file.h 1.1.1.7.8.1 > src/contrib/file/funcs.c 1.1.1.1.8.1 > src/contrib/file/magic.c 1.1.1.1.8.1 > RELENG_6 src/contrib/file/file.h > 1.1.1.8.2.1 src/contrib/file/funcs.c > 1.1.1.2.2.1 src/contrib/file/magic.c > 1.1.1.2.2.1 RELENG_6_2 > src/UPDATING > 1.416.2.29.2.8 > src/sys/conf/newvers.sh 1.69.2.13.2.8 > src/contrib/file/file.h 1.1.1.8.8.1 > src/contrib/file/funcs.c 1.1.1.2.8.1 > src/contrib/file/magic.c 1.1.1.2.8.1 > RELENG_6_1 src/UPDATING > 1.416.2.22.2.19 > src/sys/conf/newvers.sh 1.69.2.11.2.19 > src/contrib/file/file.h 1.1.1.8.6.1 > src/contrib/file/funcs.c 1.1.1.2.6.1 > src/contrib/file/magic.c 1.1.1.2.6.1 > - > ------------------------------------------------------------------------- > > VII. References > > http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1536 > > The latest revision of this advisory is available at > http://security.FreeBSD.org/advisories/FreeBSD-SA-07:04.file.asc > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.7 (FreeBSD) > > iD8DBQFGVGjhFdaIBMps37IRAgogAJ9o/0yCxtRi527rgvhg/BoC/AvEsQCfcwMX > ABl7JIb1XiY6QKWQ6UfwlGA= > =meQ0 > -----END PGP SIGNATURE----- > > > -- > saudações, > irado furioso com tudo > Linux User 179402/FreeBSD BSD50853/FUG-BR 154 > Não uso drogas - 100% Miko$hit-free > Tudo o que Existe egressa do Ser e regressa ao Ser. O Ser é o > Insondável Tao. Das profundezas do Ser nascem todos os seres que > existem. O Ser, porém, é o abismo do Não-Existir. > ------------------------- > Histórico: http://www.fug.com.br/historico/html/freebsd/ > Sair da lista: https://www.fug.com.br/mailman/listinfo/freebsd > ------------------------- Histórico: http://www.fug.com.br/historico/html/freebsd/ Sair da lista: https://www.fug.com.br/mailman/listinfo/freebsd
