FreeBSD brouted buffer overflow
| freebsd-brouted-bo (6185) |  High Risk |
Description:
Brouted, included with FreeBSD, is vulnerable to a buffer overflow. Brouted is typically installed with setgid kmem privileges. An attacker could exploit one of the several command-line buffer overflows to gain kmem privileges and possibly root privileges.
Platforms Affected:
- FreeBSD, FreeBSD 3.5
- FreeBSD, FreeBSD 4.0
- FreeBSD, FreeBSD 4.0 Alpha
- FreeBSD, FreeBSD 4.1
- FreeBSD, FreeBSD 5.0 Alpha
- FreeBSD, FreeBSD 5.0
Remedy:
Upgrade to the latest version of brouted (1.2b dated 2000-08-22 or later), as listed in FreeBSD, Inc. Security Advisory FreeBSD-SA-00:43. See References.
Consequences:
Gain Privileges
References:
- FreeBSD Security Advisory FreeBSD-SA-00:43, brouted port allows gid kmem compromise at ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:43.brouted.asc.
- BID-1629: FreeBSD Ports brouted Installation Permission Vulnerability
- CVE-2000-0752: Buffer overflows in brouted in FreeBSD and possibly other OSes allows local users to gain root privileges via long command line arguments.
Reported:
Aug 28, 2000
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net