Date:      Thu, 10 Apr 2014 16:20:13 GMT
From:      David Noel <david.i.noel@gmail.com>
To:        freebsd-gnats-submit@FreeBSD.org
Subject:   kern/188432: MITM attacks against portsnap mirrors (pmirror.sh)
Message-ID:  <201404101620.s3AGKDhC088385@cgiserv.freebsd.org>
Resent-Message-ID: <201404101630.s3AGU1Or042181@freefall.freebsd.org>


>Number:         188432
>Category:       kern
>Synopsis:       MITM attacks against portsnap mirrors (pmirror.sh)
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Thu Apr 10 16:30:01 UTC 2014
>Closed-Date:
>Last-Modified:
>Originator:     David Noel
>Release:        9.2
>Organization:
>Environment:
>Description:
The portsnap mirroring script pmirror.sh lacks any sort of mechanism to verify fetched data prior to processing and mirroring it. Without this, mirrors are open to compromise via decompression library exploitation. It also means an attacker could feed a mirror a corrupt archive, opening users of that mirror to compromise.
>How-To-Repeat:

>Fix:
Solution summary: The addition of hashes and hash verification code to pmirror.sh.

The lines of concern in pmirror.sh are 99-103, 121-125, 138-149, and 153-157.

>Release-Note:
>Audit-Trail:
>Unformatted:
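
The following is an added example, not part of the original report and not code from pmirror.sh: a sketch of the verify-before-processing step the Fix field asks for, in which a fetched file is checked against a SHA-256 digest before it reaches the decompressor or the served directory. The function names are hypothetical, and the expected digest is assumed to come from a source the mirror already trusts, which the report does not specify.

```shell
# Added example; function names are hypothetical, not taken from pmirror.sh.

# Print the SHA-256 of a file as lowercase hex.
sha256_of() {
    if command -v sha256 >/dev/null 2>&1; then
        sha256 -q "$1"                      # FreeBSD sha256(1)
    else
        sha256sum "$1" | cut -d ' ' -f 1    # GNU coreutils
    fi
}

# Return 0 only if FILE exists and its digest equals EXPECTED.
verify_fetched() {
    vf_file=$1 vf_expected=$2
    # An empty or malformed expected value must never "match".
    case $vf_expected in
        ""|*[!0-9a-f]*) return 1 ;;
    esac
    [ "${#vf_expected}" -eq 64 ] || return 1
    [ -f "$vf_file" ] || return 1
    vf_actual=$(sha256_of "$vf_file") || return 1
    [ "$vf_actual" = "$vf_expected" ]
}

# Decompress FILE (gzip) to DEST only after verification. On mismatch the
# fetched file is deleted so it is never decompressed or mirrored onward.
unpack_verified() {
    uv_file=$1 uv_expected=$2 uv_dest=$3
    if ! verify_fetched "$uv_file" "$uv_expected"; then
        echo "hash mismatch, discarding: $uv_file" >&2
        rm -f "$uv_file"
        return 1
    fi
    # Write to a temporary name first so a failed decompression never
    # leaves a partial file at the published path.
    gunzip -c "$uv_file" > "$uv_dest.tmp" && mv "$uv_dest.tmp" "$uv_dest" || {
        rm -f "$uv_dest.tmp"
        return 1
    }
}
```

The digest check runs on the compressed bytes as fetched, so untrusted input is rejected before any decompression code handles it.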


