Slashdot Mirror


NetBSD Announces Four New Security Advisories

Dan writes "The NetBSD project has announced four new security advisories. NetBSD ships with the racoon(8) IKE (Internet Key Exchange) daemon; a vulnerability was found in the code for packet validation of "informational exchange" messages. Inconsistent IPv6 path MTU discovery handling vulnerability states that a malicious party can cause a remote kernel panic by using ICMPv6 "too big" messages. The OpenSSL 0.9.6 ASN.1 parser vulnerability could lead to a possible denial-of-service. Finally, shmat reference counting bug: a programming error in the shmat(2) system call can result in a shared memory segment's reference count being erroneously incremented."
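The last advisory in the summary names a reference count that gets incremented when it should not. The following is an added illustration of that bug class, not the NetBSD kernel's shmat(2) code and not the actual defect the advisory fixes: a toy segment table whose attach routine takes its reference before the last check that can fail, shown beside the corrected ordering. The table size, attach limit and all function names are constructed for the demo.

```c
#include <stddef.h>
#include <stdio.h>

#define NSEGS      4   /* constructed: size of the demo segment table */
#define MAX_ATTACH 2   /* constructed: attach limit that makes the error path reachable */

/* Minimal stand-in for a shared-memory segment descriptor. */
typedef struct {
    int in_use;
    int refcount;   /* references keeping the segment alive: creator + each attach */
    int nattach;    /* current attachments */
} seg_t;

static seg_t segs[NSEGS];

static int seg_valid(int id)
{
    return id >= 0 && id < NSEGS && segs[id].in_use;
}

/* Allocate a segment; the creator holds the initial reference. Returns id or -1. */
int seg_create(void)
{
    for (int i = 0; i < NSEGS; i++) {
        if (!segs[i].in_use) {
            segs[i].in_use = 1;
            segs[i].refcount = 1;
            segs[i].nattach = 0;
            return i;
        }
    }
    return -1;
}

/* Drop one reference; the segment is freed when the count reaches zero. */
static void seg_release(int id)
{
    if (--segs[id].refcount == 0) segs[id].in_use = 0;
}

/* Buggy attach (constructed): the reference is taken before the last check
 * that can fail, so a rejected attach leaves the count one too high. */
int attach_buggy(int id)
{
    if (!seg_valid(id)) return -1;
    segs[id].refcount++;
    if (segs[id].nattach >= MAX_ATTACH) return -1;  /* error path keeps the reference */
    segs[id].nattach++;
    return 0;
}

/* Fixed attach: every check that can fail runs first; the count changes
 * only together with the state it protects. */
int attach_fixed(int id)
{
    if (!seg_valid(id)) return -1;
    if (segs[id].nattach >= MAX_ATTACH) return -1;
    segs[id].nattach++;
    segs[id].refcount++;
    return 0;
}

int detach(int id)
{
    if (!seg_valid(id) || segs[id].nattach == 0) return -1;
    segs[id].nattach--;
    seg_release(id);
    return 0;
}

int seg_refcount(int id) { return seg_valid(id) ? segs[id].refcount : 0; }

/* Scenario: create, attach past the limit (one attach fails), detach everything.
 * Returns the refcount afterwards: 1 means balanced (only the creator's
 * reference is left); anything higher is a leaked reference, and a segment
 * whose count never reaches zero can never be freed. */
int run_scenario(int (*attach)(int))
{
    for (int i = 0; i < NSEGS; i++) segs[i].in_use = 0;  /* reset the table */
    int id = seg_create();
    for (int i = 0; i < MAX_ATTACH + 1; i++) attach(id);
    while (detach(id) == 0) { }
    return seg_refcount(id);
}

int main(void)
{
    printf("buggy attach: refcount after cleanup = %d\n", run_scenario(attach_buggy));
    printf("fixed attach: refcount after cleanup = %d\n", run_scenario(attach_fixed));
    return 0;
}
```

The leaked reference is invisible to the caller (the attach simply reports failure), which is why this class of bug tends to surface as a resource that is never released rather than as a crash.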

62 comments

  1. Darn, FreeBSD also affected. by TheLink · · Score: 5, Informative

    ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:02.shmat.asc

    --
    1. Re:Darn, FreeBSD also affected. by Anonymous Coward · · Score: 0

      Yep. Damn local root holes.

    2. Re:Darn, FreeBSD also affected. by Rotting · · Score: 1

      Is this the same issue or a new one? The freebsd one was released over 2 weeks ago.

    3. Re:Darn, FreeBSD also affected. by Anonymous Coward · · Score: 0

      Same one. All my boxes were patched for this a week ago.

    4. Re:Darn, FreeBSD also affected. by Tuzanor · · Score: 5, Informative

      All of the BSDs were affected. The bug was first found in FreeBSD about a month ago, then about 2 weeks ago OpenBSD was found to be vulnerable, and now the NetBSD guys have found out too. So it's the same MTU bug.

      This is no surprise, as they all use the same IPv6 stack (KAME).

    5. Re:Darn, FreeBSD also affected. by Anonymous Coward · · Score: 0

      FreeBSD is not attracted to this IPv6 bug.

    6. Re:Darn, FreeBSD also affected. by kahsim · · Score: 1, Offtopic

      What is the difference between FreeBSD and OpenBSD? It says I can get OpenBSD for free from their website, but where do I go? How do I post a question, which is original? Sorry, I am new to this site.

    7. Re:Darn, FreeBSD also affected. by TheLink · · Score: 1

      Go to www.freebsd.org for FreeBSD info
      Go to www.openbsd.org for OpenBSD info.

      --
  2. OpenBSD too ... except by Anonymous Coward · · Score: 1, Interesting

    The patches were issued a rather long time ago...

  3. Run this and all your security problems are solved by NEOtaku17 · · Score: 4, Informative

    If you're running an i386, just run this baby and it will get rid of any packages that have been flagged as insecure: ftp://ftp.netbsd.org/pub/NetBSD/packages/1.6.2/i386/All/audit-packages-1.27.tgz Make sure that you don't need any of the packages it gets rid of before you run it. To see which vulnerabilities it gets rid of, check out this list. Also make sure you don't need anything on this list: ftp://ftp.netbsd.org/pub/NetBSD/packages/distfiles/vulnerabilities

  4. Panther by packetbasher · · Score: 1

    Does anyone know if this also affects Panther (OSX 10.3) which also ships with racoon?

  5. Re:Run this and all your security problems are sol by MobyTurbo · · Score: 4, Informative

    If you're running an i386, just run this baby and it will get rid of any packages that have been flagged as insecure ftp://ftp.netbsd.org/pub/NetBSD/packages/1.6.2/i386/All/audit-packages-1.27.tgz

    Wrong. This tracks security problems of *packages*, as the name suggests. Problems with the base system, on the other hand, are handled by cvsing the proper source files and recompiling them, as per the advice in the security bulletins. (You *are* a subscriber to the NetBSD security-announce list, aren't you? It's not high volume. :-) )

  6. Did we copy the Windows Source Code? by sheapshearer · · Score: 3, Interesting

    The OpenSSL 0.9.6 ASN.1 parser vulnerability...

    What is going on? Didn't Microsoft have the same vulnerability recently? How is it that three entirely different operating systems (Linux,Windows,BSD) have the same vulnerability?

    Is this caused by human mistake or laziness?

    1. Re:Did we copy the Windows Source Code? by Anonymous Coward · · Score: 1, Funny

      M$ is copying code from OpenSSL!
      That's why M$ code also has the ASN.1 bug!

      The truth is out there!!!

    2. Re:Did we copy the Windows Source Code? by agent+dero · · Score: 1

      I'd be willing to bet it's because they're all using the same BSD-licensed code.

      Remember, all three have FreeBSD code in there, I can see it easily feasible that this racoon program has some sort of implementation on all three 'genres' of OS.

      --
      Error 407 - No creative sig found
    3. Re:Did we copy the Windows Source Code? by eht · · Score: 2, Informative

      Actually largely all of them have code all intertwined; FreeBSD and NetBSD don't write their own OpenSSH apps, for example, they borrow OpenBSD's, then again so does almost everyone else.

      NetBSD is actually the oldest of the current BSDs, derived from BSD Net/2 (4.3BSD Lite); 386BSD was derived from that and FreeBSD is derived from 386BSD, both later got code from 4.4BSD Lite, and shortly after that OpenBSD was derived from NetBSD.

      Sort of like the bible, with "And Aramus begat Aramus Junior, who begat Aramus Junior Junior."

    4. Re:Did we copy the Windows Source Code? by bourne · · Score: 1

      What is going on? Didn't Microsoft have the same vulnerability recently? How is it that three entirely different operating systems (Linux,Windows,BSD) have the same vulnerability?

      More likely the root cause of the problem is that parsing (anything) is an error-prone process, and parsing a complex standard is even more likely to result in problems. Parsers have to try to pull the data that is supposed to be there according to the standard, and have to hope that whoever is writing the data is also reading the standard correctly and in the same way, and it's just a huge mess.
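
bourne's point is that the parser itself is where these bugs come from: it has to trust a length written by someone else. As an added example that is not from the thread and not OpenSSL's ASN.1 code, here is a small DER tag-length-value header decoder written so that every declared length is checked against the bytes actually present before the caller may read any of them, plus a SEQUENCE walker built on it. The three sample byte strings are constructed for the demo: one is well-formed, one has an inner element whose declared length overruns the buffer, and one declares a 4 GiB length in a six-byte buffer.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* One decoded DER tag-length-value header (single-octet tags only). */
typedef struct {
    uint8_t tag;   /* identifier octet */
    size_t  len;   /* declared content length */
    size_t  hdr;   /* octets consumed by the tag and length fields */
} der_tlv;

/*
 * Decode the TLV header at buf[0..avail). Returns 1 on success, 0 on any
 * malformed or truncated input. The declared length is validated against
 * the bytes actually available before the caller may touch the contents.
 */
int der_read_tlv(const uint8_t *buf, size_t avail, der_tlv *out)
{
    size_t pos = 0;
    if (buf == NULL || out == NULL || avail < 2) return 0;
    out->tag = buf[pos++];
    if ((out->tag & 0x1f) == 0x1f) return 0;      /* multi-octet tag: not handled here */
    uint8_t b = buf[pos++];
    if (b < 0x80) {
        out->len = b;                              /* short form */
    } else {
        size_t nbytes = b & 0x7f;
        /* 0x80 is BER indefinite length and 0xff is reserved; neither is valid DER */
        if (nbytes == 0 || nbytes > sizeof(size_t)) return 0;
        if (avail - pos < nbytes) return 0;        /* the length octets themselves are truncated */
        if (buf[pos] == 0x00) return 0;            /* DER forbids leading zero length octets */
        size_t len = 0;
        for (size_t i = 0; i < nbytes; i++) len = (len << 8) | buf[pos++];
        if (len < 0x80) return 0;                  /* DER requires the short form for these */
        out->len = len;
    }
    out->hdr = pos;
    if (out->len > avail - pos) return 0;          /* the check a parser must never skip */
    return 1;
}

/* Count the immediate children of a DER SEQUENCE; -1 if anything is malformed. */
int der_count_children(const uint8_t *buf, size_t avail)
{
    der_tlv seq;
    if (!der_read_tlv(buf, avail, &seq) || seq.tag != 0x30) return -1;
    const uint8_t *p = buf + seq.hdr;
    size_t left = seq.len;
    int count = 0;
    while (left > 0) {
        der_tlv el;
        if (!der_read_tlv(p, left, &el)) return -1;
        size_t total = el.hdr + el.len;            /* both bounded by left, so no overflow */
        p += total;
        left -= total;
        count++;
    }
    return count;
}

/* Constructed samples: SEQUENCE { INTEGER 5, OCTET STRING "ab" }; the same with
 * the OCTET STRING claiming 5 bytes; a SEQUENCE whose long-form length claims 4 GiB. */
const uint8_t sample_ok[]        = {0x30, 0x07, 0x02, 0x01, 0x05, 0x04, 0x02, 'a', 'b'};
const uint8_t sample_inner_bad[] = {0x30, 0x07, 0x02, 0x01, 0x05, 0x04, 0x05, 'a', 'b'};
const uint8_t sample_huge[]      = {0x30, 0x84, 0xff, 0xff, 0xff, 0xff};

int main(void)
{
    printf("well-formed:        %d children\n", der_count_children(sample_ok, sizeof sample_ok));
    printf("inner overrun:      %d\n", der_count_children(sample_inner_bad, sizeof sample_inner_bad));
    printf("4 GiB declared len: %d\n", der_count_children(sample_huge, sizeof sample_huge));
    return 0;
}
```

The walker never derives a pointer from a length it has not already bounded by `left`, which is the discipline that keeps an attacker-supplied length from turning into an out-of-bounds read; the DER strictness checks (no indefinite length, no non-minimal encodings) additionally reject inputs that two implementations might otherwise interpret differently, which is the "reading the standard the same way" problem bourne describes.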

    5. Re:Did we copy the Windows Source Code? by Hadji+Baba · · Score: 2, Funny

      No Silly, we all got it from SCO's System V

  7. Re:Quick BSD Factsheet by Anonymous Coward · · Score: 0
    > cd /usr/ports/www/apache13; make install

    What's that? I need this lib? This package? This file here? BUILD ERROR AFTER BUILD ERROR.

    No, you're thinking of RPM-based OS's. The ports collection takes care of all dependencies.

    (Yes, I know, IHBT, IHL, HAND.)