FreeBSD Security Advisories (sctp, ip_multicast)

software-bug-signThe FreeBSD Security Team has identified an issue in sctp and ip_multicast  and has issued the following security advisories:

The SCTP protocol provides reliable, flow-controlled, two-way transmission of data. It is a message oriented protocol and can support the SOCK_STREAM and SOCK_SEQPACKET abstractions. The SCTP protocol checks the integrity of messages by validating the state cookie information that is returned from the peer.

IP multicast is a method of sending Internet Protocol (IP) datagrams to a group of interested receivers in a single transmission.

Please read and take the recommended action(s).

FreeBSD Security Advisory: mmap

software-bug-signThe FreeBSD Security Team has identified an issue in mmap and has issued the following security advisory: FreeBSD-SA-13:06.mmap (18/06/2013).

The FreeBSD virtual memory system allows files to be memory-mapped. All or parts of a file can be made available to a process via its address space. The process can then access the file using memory operations rather than filesystem I/O calls.

The ptrace(2) system call provides tracing and debugging facilities by allowing one process (the tracing process) to watch and control another (the traced process).

Due to insufficient permission checks in the virtual memory system, a tracing process (such as a debugger) may be able to modify portions of the traced process’s address space to which the traced process itself does not have write access.

This error can be exploited to allow unauthorized modification of an arbitrary file to which the attacker has read access, but not write access. Depending on the file and the nature of the modifications, this can result in privilege escalation.

For a solution, check out the security advisory: FreeBSD-SA-13:06.mmap

FreeBSD Security Advisory (Bind)

The FreeBSD Security Team has identified an issue in Bind and has issued the following security advisory: FreeBSD-SA-12:06.bind (22/11/2012).

I. Background

BIND 9 is an implementation of the Domain Name System (DNS) protocols. The named(8) daemon is an Internet Domain Name Server.

II. Problem Description

The BIND daemon would crash when a query is made on a resource record with RDATA that exceeds 65535 bytes. The BIND daemon would lock up when a query is made on specific combinations of RDATA.

III. Impact

A remote attacker can query a resolving name server to retrieve a record whose RDATA is known to be larger than 65535 bytes, thereby causing the resolving server to crash via an assertion failure in named.

For a workaround and solution, check out the security advisory: FreeBSD-SA-12:06.bind

An attacker who is in a position to add a record with RDATA larger than 65535 bytes to an authoritative name server can cause that server to crash by later querying for that record.

The attacker can also cause the server to lock up with specific combinations of RDATA.

FreeBSD Security Advisory (Bind)

The FreeBSD Security Team has identified an issue in Bind and has issued the following security advisory: FreeBSD-SA-12:05.bind.asc (06/08/2012).
I. Background

BIND 9 is an implementation of the Domain Name System (DNS) protocols. The named(8) daemon is an Internet Domain Name Server.

DNS Security Extensions (DNSSEC) provides data integrity, origin authentication and authenticated denial of existence to resolvers.

II. Problem Description

BIND 9 stores a cache of query names that are known to be failing due to misconfigured name servers or a broken chain of trust. Under high query loads, when DNSSEC validation is active, it is possible for a condition to arise in which data from this cache of failing queries could be used before it was fully initialized, triggering an assertion failure.

III. Impact

A remote attacker that is able to generate high volume of DNSSEC validation enabled queries can trigger the assertion failure that causes it to crash, resulting in a denial of service.

For a workaround and solution, check out the security advisory: FreeBSD-SA-12:05.bind.asc

FreeBSD Security Advisory (Crypt)

The FreeBSD Security Team has identified an issue in crypt and has issued the following security advisory: FreeBSD-SA-12:02.crypt (30/05/2012).

I. Background

The crypt(3) function performs password hashing with additional code added to deter key search attempts.

II. Problem Description

There is a programming error in the DES implementation used in crypt() when handling input which contains characters that can not be represented with 7-bit ASCII.

III. Impact

When the input contains characters with only the most significant bit set (0x80), that character and all characters after it will be ignored.

For a workaround and solution, check out the security advisory: FreeBSD-SA-12:02.crypt

FreeBSD Security Advisory (OpenSSL)

The FreeBSD Security Team has identified a security issue in openssl.

I. Background

FreeBSD includes software from the OpenSSL Project. The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, full-featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a full-strength general purpose cryptography library.

II. Problem Description

OpenSSL failes to clear the bytes used as block cipher padding in SSL 3.0 records when operating as a client or a server that accept SSL 3.0 handshakes. As a result, in each record, up to 15 bytes of uninitialized memory may be sent, encrypted, to the SSL peer. This could include sensitive contents of previously freed memory.

OpenSSL support for handshake restarts for server gated cryptograpy (SGC) can be used in a denial-of-service attack.

To find out more about the impact, a work-around and solution, check out the advisory page:FreeBSD Security Advisory (openssl)

FreeBSD quick news and links (GhostBSD, Centreon, FreeBSD Dev, iXsystems)

GhostBSD 2.5: A GNOME-ified FreeBSD 9.0

If you want to try out FreeBSD 9.0 this holiday but are not turned on by the actual FreeBSD 9.0 install and setup process, nor find the KDE desktop of PC-BSD 9.0 enjoyable, you may want to try out GhostBSD 2.5.

GhostBSD 2.5: A GNOME-ified FreeBSD 9.0


Centreon 2.3.3 on FreeBSD 9

This tutorial will guide the user to complete the installation of Centreon on FreeBSD. We will be using an installation on a FreeBSD 9.0-PRERELEASE kernel version, kernel version does not influence the tutorial.

What is the Centreon? Centreon is a powerful tool for monitoring hosts and services, it is a frontend that works on top of Nagios, adding many features for viewing and alert history, status, etc. ..

Centreon 2.3.3 on FreeBSD 9


Debian GNU/kFreeBSD Gets Ready For FreeBSD 9.0

It’s not only the FreeBSD and PC-BSD camps gearing up for the imminent release of FreeBSD 9.0, but Debian developers have already been gearing up for the major update of this leading BSD distribution as they prepare to pull in its new kernel.

Debian GNU/kFreeBSD Gets Ready For FreeBSD 9.0


Top 6 Linux and BSD graphical installation programs

PC-BSD’s installation setup is one of them: Top 6 Linux and BSD graphical installation programs.


FreeBSD Development over 13 Years

This video shows the visual development of FreeBSD with its committers.

iXsystems Haiku Contest

Do you have the creativity/humor/love for FreeBSD and PC-BSD? Then submit an original haiku poem.

Here at iXsystems we always love hearing what you have to say, and what better way to celebrate the upcoming PC-BSD 9.0 release than indulging in some creative writing? We’ll gladly give away a PC-BSD shirt to the winner, and immortalize his/her haiku up on our Facebook and Google+ sites. (via)

bsdtalk210 – James Nixon from iXsystems

Interview with James Nixon from iXsystems at the LISA 2011 conference in Boston.

bsdtalk210 – James Nixon from iXsystems


BSDs ‘lost’ just because of this phone number 1-800-ITS-UNIX

BSD ‘lost’ because of a phone number? Nonsense.

Four of the BSD guys had just formed a company to sell BSD commercially. They even had a nice phone number: 1-800-ITS-UNIX. That phone number did them and me in. AT&T sued them over the phone number and the lawsuit took 3 years to settle. That was precisely the period Linux was launched and BSD was frozen due to the lawsuit

Interview with Andrew Tanenbaum


FreeBSD Security Advisories

PAMPAM_sshtelnetdchroot, and bind.