FreeBSD Security Advisory (Bind)

The FreeBSD Security Team has identified an issue in Bind and has issued the following security advisory: FreeBSD-SA-12:05.bind.asc (06/08/2012).
I. Background

BIND 9 is an implementation of the Domain Name System (DNS) protocols. The named(8) daemon is an Internet Domain Name Server.

DNS Security Extensions (DNSSEC) provides data integrity, origin authentication and authenticated denial of existence to resolvers.

II. Problem Description

BIND 9 stores a cache of query names that are known to be failing due to misconfigured name servers or a broken chain of trust. Under high query loads, when DNSSEC validation is active, it is possible for a condition to arise in which data from this cache of failing queries could be used before it was fully initialized, triggering an assertion failure.

III. Impact

A remote attacker that is able to generate high volume of DNSSEC validation enabled queries can trigger the assertion failure that causes it to crash, resulting in a denial of service.

For a workaround and solution, check out the security advisory: FreeBSD-SA-12:05.bind.asc

FreeBSD Security Advisory (Crypt)

The FreeBSD Security Team has identified an issue in crypt and has issued the following security advisory: FreeBSD-SA-12:02.crypt (30/05/2012).

I. Background

The crypt(3) function performs password hashing with additional code added to deter key search attempts.

II. Problem Description

There is a programming error in the DES implementation used in crypt() when handling input which contains characters that can not be represented with 7-bit ASCII.

III. Impact

When the input contains characters with only the most significant bit set (0×80), that character and all characters after it will be ignored.

For a workaround and solution, check out the security advisory: FreeBSD-SA-12:02.crypt

FreeBSD Security Advisory (OpenSSL)

The FreeBSD Security Team has identified a security issue in openssl.

I. Background

FreeBSD includes software from the OpenSSL Project. The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, full-featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a full-strength general purpose cryptography library.

II. Problem Description

OpenSSL failes to clear the bytes used as block cipher padding in SSL 3.0 records when operating as a client or a server that accept SSL 3.0 handshakes. As a result, in each record, up to 15 bytes of uninitialized memory may be sent, encrypted, to the SSL peer. This could include sensitive contents of previously freed memory.

OpenSSL support for handshake restarts for server gated cryptograpy (SGC) can be used in a denial-of-service attack.

To find out more about the impact, a work-around and solution, check out the advisory page:FreeBSD Security Advisory (openssl)

FreeBSD quick news and links (GhostBSD, Centreon, FreeBSD Dev, iXsystems)

GhostBSD 2.5: A GNOME-ified FreeBSD 9.0

If you want to try out FreeBSD 9.0 this holiday but are not turned on by the actual FreeBSD 9.0 install and setup process, nor find the KDE desktop of PC-BSD 9.0 enjoyable, you may want to try out GhostBSD 2.5.

GhostBSD 2.5: A GNOME-ified FreeBSD 9.0


Centreon 2.3.3 on FreeBSD 9

This tutorial will guide the user to complete the installation of Centreon on FreeBSD. We will be using an installation on a FreeBSD 9.0-PRERELEASE kernel version, kernel version does not influence the tutorial.

What is the Centreon? Centreon is a powerful tool for monitoring hosts and services, it is a frontend that works on top of Nagios, adding many features for viewing and alert history, status, etc. ..

Centreon 2.3.3 on FreeBSD 9


Debian GNU/kFreeBSD Gets Ready For FreeBSD 9.0

It’s not only the FreeBSD and PC-BSD camps gearing up for the imminent release of FreeBSD 9.0, but Debian developers have already been gearing up for the major update of this leading BSD distribution as they prepare to pull in its new kernel.

Debian GNU/kFreeBSD Gets Ready For FreeBSD 9.0


Top 6 Linux and BSD graphical installation programs

PC-BSD’s installation setup is one of them: Top 6 Linux and BSD graphical installation programs.


FreeBSD Development over 13 Years

This video shows the visual development of FreeBSD with its committers.

iXsystems Haiku Contest

Do you have the creativity/humor/love for FreeBSD and PC-BSD? Then submit an original haiku poem.

Here at iXsystems we always love hearing what you have to say, and what better way to celebrate the upcoming PC-BSD 9.0 release than indulging in some creative writing? We’ll gladly give away a PC-BSD shirt to the winner, and immortalize his/her haiku up on our Facebook and Google+ sites. (via)

bsdtalk210 – James Nixon from iXsystems

Interview with James Nixon from iXsystems at the LISA 2011 conference in Boston.

bsdtalk210 – James Nixon from iXsystems


BSDs ‘lost’ just because of this phone number 1-800-ITS-UNIX

BSD ‘lost’ because of a phone number? Nonsense.

Four of the BSD guys had just formed a company to sell BSD commercially. They even had a nice phone number: 1-800-ITS-UNIX. That phone number did them and me in. AT&T sued them over the phone number and the lawsuit took 3 years to settle. That was precisely the period Linux was launched and BSD was frozen due to the lawsuit

Interview with Andrew Tanenbaum


FreeBSD Security Advisories

PAMPAM_sshtelnetdchroot, and bind.

FreeBSD Security Advisory (mountd)

The FreeBSD Security Team has identified a security bug in mountd.

I. Background

The mountd(8) daemon services NFS mount requests from other client machines. When mountd is started, it loads the export host addresses and options into the kernel using the mount(2) system call.

II. Problem Description

While parsing the exports(5) table, a network mask in the form of “-network=netname/prefixlength” results in an incorrect network mask being computed if the prefix length is not a multiple of 8.

For example, specifying the ACL for an export as “-network 192.0.2.0/23″ would result in a netmask of 255.255.127.0 being used instead of the correct netmask of 255.255.254.0.

III. Impact

When using a prefix length which is not multiple of 8, access would be granted to the wrong client systems.

For a workaround and solution, check out the security advisory: FreeBSD Security Advisory (mountd)

FreeBSD Security Advisory (openssl)

The FreeBSD Security Team has identified a security bug in openssl:

I. Background

FreeBSD includes software from the OpenSSL Project. The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, full-featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a full-strength general purpose cryptography library.

II. Problem Description

A race condition exists in the OpenSSL TLS server extension code parsing when used in a multi-threaded application, which uses OpenSSL’s internal caching mechanism. The race condition can lead to a buffer overflow.

A double free exists in the SSL client ECDH handling code, when processing specially crafted public keys with invalid prime numbers.

III. Impact

For affected server applications, an attacker may be able to utilize the buffer overflow to crash the application or potentially run arbitrary code with the privileges of the application.

It may be possible to cause a DoS or potentially execute arbitrary in the context of the user connection to a malicious SSL server.

To find out more about the impact, a work-around and solution, check out the advisory page: FreeBSD Security Advisory (openssl)

FreeBSD Security Advisory (pseudofs)

The FreeBSD Security Team has identified a little bug in FreeBSD with speudofs:

I. Background

pseudofs offers an abstract API for pseudo file systems which is utilized by procfs(5) and linprocfs(5). It provides generic file system services such as ACLs, extended attributes which interface with VFS and which are otherwise onerous to implement. This enables pseudo file system authors to add this functionality to their file systems with minimal effort.

II. Problem Description

The pfs_getextattr(9) function, used by pseudofs for handling extended attributes, attempts to unlock a mutex which was not previously locked.

To find out more about the impact, a work-around and solution, check out the advisory page:

FreeBSD Security Advisory (pseudofs)

FreeBSD Security Advisory (bzip2)

The FreeBSD Security Team have identified a little bug in FreeBSD with the integer overflow in bzip2 decompression:

I. Background

“The bzip2/bunzip2 utilities and the libbz2 library compress and decompress files using an algorithm based on the Burrows-Wheeler transform. They are generally slower than Lempel-Ziv compressors such as gzip, but usually
provide a greater compression ratio.

II. Problem Description

When decompressing data, the run-length encoded values are not adequately sanity-checked, allowing for an integer overflow.

III. Impact

An attacker who can cause maliciously chosen inputs to be decompressed can cause the decompressor to crash. It is suspected that such an attacker can cause arbitrary code to be executed, but this is not known for certain.

Note that some utilities, including the tar archiver and the bspatch binary patching utility (used in portsnap and freebsd-update) decompress bzip2-compressed data internally; system administrators should assume that their systems will at some point decompress bzip2-compressed data even if they never explicitly invoke the bunzip2 utility.”

To avoid potential problems, you need to upgrade.