Date: Sun, 29 Oct 100 15:47:47 -0600 (CST) From: Jim Bryant <jbryant@ppp-207-193-0-236.kscymo.swbell.net> To: ishmael27@home.com (Jeremy Norris) Cc: roman@xpert.com, ports@FreeBSD.ORG Subject: Re: Remote buffer overflow in gnomeicu 0.93 Message-ID: <200010292147.PAA01771@ppp-207-193-0-236.kscymo.swbell.net> In-Reply-To: <20001029072540.A89648@babylon.merseine.nu> from Jeremy Norris at "Oct 29, 0 07:25:40 am"
next in thread | previous in thread | raw e-mail | index | archive | help
IMHO, yes. I have a hard enough time trying to convince people at my workplace that this is the way to go for the future. When they see crap like this, they laugh in my face. I am a contractor working on various projects, some involving government. If holes aren't fixed as soon as they are known, it makes my job harder convincing some people that BSD/Linux systems are safe. Releasing optional packages/ports with holes that can allow such exploits only serves to keep Gates in biz at such sites, recent news about the holes being exposed in NT won't change anything because a lot of those shops are NT-based already, in other words, Gates doesn't have to get his foot in the door, we do. In reply: > Gnomeicu doesn't run with any privelege however, unless one is foolish enough > to run it as root. At worse, a deviant person could crash it and gain access as > an unprivleged user. Is thate enough to make a port FORBIDDEN? > > Jeremy > > On Sun, Oct 29, 2000 at 01:38:30AM +0200, Roman Shterenzon wrote: > > On Sat, 28 Oct 2000, Jeremy Norris wrote: > > > > > I would think this would be a problem with all icq clients, since icq opens up > > > a tcp port by default. Gnomeicu at least, however, lets you pick what port. > > > > > > Jeremy > > But, gnomeicu is the only one I've seen that crashes when sent too much > > data on that port. > > That's security breach. > > > > > On Sat, Oct 28, 2000 at 12:46:08AM +0200, Roman Shterenzon wrote: > > > > Hi, > > > > > > > > Yesterday, running sockstat I noticed that openicu listens on TCP port 4000. > > > > I was curious so I fed it with some zeroes from /dev/zero, and, it crashed > > > > like a charm. I'm suspecting buffer overflow which may allow an intruder > > > > to receive a shell on victim's machine. > > > > Looking at code advises that the port can be chosen from 4000-4100 range. > > > > I believe it needs to be checked and the port marked as FORBIDDEN meanwhile. > > > > Sorry if it's false alarm. jim -- All opinions expressed are mine, if you | "I will not be pushed, stamped, think otherwise, then go jump into turbid | briefed, debriefed, indexed, or radioactive waters and yell WAHOO !!! | numbered!" - #1, "The Prisoner" ------------------------------------------------------------------------------ kc5vdj@prodigy.net KC5VDJ - HF to 23cm KC5VDJ@NW0I.#NEKS.KS.USA.NOAM HF/VHF: IC-706MkII VHF/UHF/SHF: IC-T81A KPC3+ & PK-232MBX Grid: EM28px ------------------------------------------------------------------------------ ET has one helluva sense of humor, always anal-probing right-wing schizos! To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200010292147.PAA01771>