FreeBSD Linux compatibility module buffer overflow

freebsd-linux-module-bo (5968) The risk level is classified as High Risk

Description:

FreeBSD is vulnerable to a buffer overflow in the Linux compatibility module. The Linux compatibility module implements a shadow file system overlaid on the regular file system, allowing Linux binaries to see files in the shadow system that can mask native files. By creating a file in the shadow file system with an unusually long filename containing executable code, an attacker can overflow a buffer and overwrite values on the stack to gain root privileges.
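The bug class described above, as an added illustration that is not FreeBSD's kernel code or the advisory's patch: a shadow-root prefix is joined to a caller-supplied path in a fixed-size buffer, first with no length check and then with one. The names `SHADOW_ROOT`, `PATH_BUF`, `shadow_path_unsafe` and `shadow_path` and the buffer size are assumptions made for the example.

```c
#include <errno.h>
#include <stddef.h>
#include <string.h>

#define SHADOW_ROOT "/compat/linux"  /* assumed shadow prefix for this example */
#define PATH_BUF    1024             /* assumed fixed buffer size */

/* Unsafe pattern, shown for contrast only: the amount copied is decided by
 * the caller-supplied name, not by the size of the destination buffer. */
void shadow_path_unsafe(char *dst, const char *path)
{
    strcpy(dst, SHADOW_ROOT);
    strcat(dst, path);               /* writes past dst when path is too long */
}

/* Bounded version: validates the combined length before writing anything.
 * Returns 0 on success, EINVAL on bad arguments, ENAMETOOLONG if the
 * prefixed path (including its NUL terminator) would not fit in dst. */
int shadow_path(char *dst, size_t dstlen, const char *path)
{
    const size_t rootlen = sizeof(SHADOW_ROOT) - 1;
    size_t pathlen;

    if (dst == NULL || path == NULL || dstlen == 0 || path[0] != '/')
        return EINVAL;

    /* Measure the name, but never scan further than could possibly fit. */
    for (pathlen = 0; pathlen < dstlen && path[pathlen] != '\0'; pathlen++)
        ;

    /* Need rootlen + pathlen + 1 <= dstlen, written to avoid underflow. */
    if (rootlen >= dstlen || pathlen >= dstlen - rootlen) {
        dst[0] = '\0';               /* leave a valid empty string behind */
        return ENAMETOOLONG;
    }

    memcpy(dst, SHADOW_ROOT, rootlen);
    memcpy(dst + rootlen, path, pathlen + 1);  /* +1 copies the NUL */
    return 0;
}
```

Rejecting the over-long name with an error, rather than truncating it, avoids silently resolving to a different file than the one requested.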

Platforms Affected:

  • FreeBSD, FreeBSD 3.0
  • FreeBSD, FreeBSD 3.1
  • FreeBSD, FreeBSD 3.2
  • FreeBSD, FreeBSD 3.3
  • FreeBSD, FreeBSD 3.4
  • FreeBSD, FreeBSD 3.5
  • FreeBSD, FreeBSD 4.0
  • FreeBSD, FreeBSD 4.0 Alpha
  • FreeBSD, FreeBSD 4.1
  • FreeBSD, FreeBSD 5.0
  • FreeBSD, FreeBSD 5.0 Alpha

Remedy:

For FreeBSD 3.x:
Upgrade to the latest version of FreeBSD (3.5-STABLE dated prior to 2000-08-24), as listed in FreeBSD, Inc. Security Advisory FreeBSD-SA-00:42. See References.

For FreeBSD 4.x:
Upgrade to the latest version of FreeBSD (4.1-STABLE dated prior to 2000-07-29), as listed in FreeBSD, Inc. Security Advisory FreeBSD-SA-00:42. See References.

For FreeBSD 5.x:
Upgrade to the latest version of FreeBSD (5.0-CURRENT dated prior to 2000-07-23), as listed in FreeBSD, Inc. Security Advisory FreeBSD-SA-00:42. See References.

— OR —

Apply the linux patch, as listed in FreeBSD, Inc. Security Advisory FreeBSD-SA-00:42. See References.

Consequences:

Gain Access

References:

Reported:

Aug 28, 2000

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email xforce@iss.net
