Date: Thu, 14 Jan 2016 17:10:43 +0000 From: Matt Smith <fbsd@xtaz.co.uk> To: Andrea Brancatelli <abrancatelli@schema31.it> Cc: freebsd-stable@freebsd.org Subject: Re: Insecure default bsnmpd.conf permissions (CVE-2015-5677) Message-ID: <20160114171043.GA1282@xtaz.uk> In-Reply-To: <2610214c27a073ba95d275f46e40dda6@schema31.it> References: <2610214c27a073ba95d275f46e40dda6@schema31.it>
next in thread | previous in thread | raw e-mail | index | archive | help
On Jan 14 12:40, Andrea Brancatelli wrote: >Hello everybody. > >I just read the above security advisory. In the solution it says: > >"This vulnerability can be fixed by modifying the permission on >/etc/bsnmpd.conf to owner root:wheel and permission 0600." > >I guess it's a typo and the correct filename is /etc/snmpd.config, >right? There's no /etc/bsnmpd.conf in the default config... > I think you may be right. I don't use bsnmp so I just checked the permissions of the existing file which were 644 and then deleted it and ran mergemaster. mergemaster then reinstalled the missing file and the permissions are now 600. -- Matt
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20160114171043.GA1282>