Mark BROKEN due to buffer overflow yielding root to members of wheel. There's
also an overflow with ospf_monitor which may result in being able to corrupt routing traffic (which I've reported to the developers) According to the docs, gdc shouldn't be installed root:wheel and setuid, but put into its own gdmaint group. This still doesn't prevent people in that group from gaining root, though. Submitted by: Brock Tellier <btellier@usa.net> (gdc bug)
This commit is contained in:
Kris Kennaway
parent
f2ca909c1c
commit
7bd7b1c944
Notes:
svn2git
2021-03-31 03:12:20 +00:00
svn path=/head/; revision=23539
1 changed files with 2 additions and 0 deletions
|
|
@ -13,6 +13,8 @@ MASTER_SITES= ftp://ftp.gated.merit.edu/net-research/gated/
|
|||
|
||||
MAINTAINER= peter@FreeBSD.org
|
||||
|
||||
BROKEN= Security hole (buffer overflow possibly yielding root)
|
||||
|
||||
ALL_TARGET= gated
|
||||
MAN8= gated.8 ripquery.8 ospf_monitor.8 gdc.8
|
||||
|
||||
|
|
|
|||
Loading…
Reference in a new issue