From owner-announce-jp@jp.freebsd.org  Mon May 29 08:28:38 2000
Received: (from daemon@localhost)
	by castle.jp.freebsd.org (8.9.3+3.2W/8.7.3) id IAA53173;
	Mon, 29 May 2000 08:28:38 +0900 (JST)
	(envelope-from owner-announce-jp@jp.FreeBSD.org)
Date: Mon, 29 May 2000 06:13:52 +0900 (JST)
Message-Id: <200005282113.GAA00758@iris.dti.ne.jp>
To: announce-jp@jp.FreeBSD.org
From: dais@iris.dti.ne.jp (Daisuke Higashi)
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-2022-JP
X-Mailer: mnews [version 1.21PL5] 1999-04/04(Sun)
X-ML-maintainer: owner-announce-jp@jp.FreeBSD.org
Precedence: list
X-Distribute: distribute version 2.1 (Alpha) patchlevel 24e+000315
X-Sequence: announce-jp 452
Subject: Re: ANNOUNCE: FreeBSD Security Advisory: FreeBSD-SA-00:20.krb5
Errors-To: owner-announce-jp@jp.freebsd.org
Sender: owner-announce-jp@jp.freebsd.org


$B$3$N%a!<%k$O(B, announce-jp $B$KN.$l$?(B 

 Subject: ANNOUNCE: FreeBSD Security Advisory: FreeBSD-SA-00:20.krb5
 From: FreeBSD Security Officer <security-officer@freebsd.org>
 Date: Fri, 26 May 2000 10:40:39 -0700 (PDT)
 Message-Id: <20000526174039.514AE37BF77@hub.freebsd.org>
 X-Sequence: announce-jp 449

$B$rF|K\8lLu$7$?$b$N$G$9(B.

$B86J8$O(B PGP $B=pL>$5$l$F$$$^$9$,(B, $B$3$NF|K\8lLu$O(B PGP $B=pL>$5$l$F$$$^$;$s(B. 
$B%Q%C%AEy$NFbMF$,2~cb$5$l$F$$$J$$$3$H$r3NG'$9$k$?$a$K(B PGP $B$N%A%'%C%/$r(B
$B9T$J$&$K$O(B, $B86J8$r;2>H$7$F$/$@$5$$(B. 

$BF|K\8lLu$O(B FreeBSD $BF|K\8l%I%-%e%a%s%F!<%7%g%s%W%m%8%'%/%H(B(doc-jp)$B$,;29M$N(B
$B$?$a$KDs6!$9$k$b$N$G(B, doc-jp $B$O(B $B$=$NFbMF$K$D$$$F$$$+$J$kJ]>Z$b$$$?$7$^$;$s(B.
$BF|K\8lLu$K$D$$$F$N$*Ld$$9g$o$;$O(B doc-jp@jp.freebsd.org $B$^$G$*4j$$$7$^$9(B.


=============================================================================
FreeBSD-SA-00:20                                           Security Advisory
                                                                FreeBSD, Inc.

$B%H%T%C%/(B:        krb5 port $B$K4^$^$l$k%j%b!<%H$*$h$S%m!<%+%k$K$*$1$k(B
                 root $B8"8BC%<h$N4m81@-(B
$BJ,N`(B:            ports
$B%b%8%e!<%k(B:      krb5
$B9pCNF|(B:          2000-05-26
$B%/%l%8%C%H(B:      Jeffrey I. Schiller <jis@MIT.EDU>
$B1F6AHO0O(B:        $B=$@5F|0JA0$N(B ports $B%3%l%/%7%g%s(B
$B=$@5F|(B:          2000-05-17
$B%Y%s%@$NBP1~(B:    $B%Q%C%A$N%j%j!<%9(B
FreeBSD$B$K8GM-$+(B: NO

I.   $BGX7J(B - Background

MIT Kerberos 5 $B$O(B Kerberos 5 $B%W%m%H%3%k$N<BAu$G$9(B.
$B$3$l$O(B security/krb5 $B$H$7$F(B FreeBSD $B$N(B ports $B%3%l%/%7%g%s$+$iMxMQ$G$-$^$9(B. 
$B$^$?(B FreeBSD $B$O(B, $B$3$l$H$OJL$K3+H/$5$l$?(B KTH $B$K$h$k(B Kerberos 4 $B$*$h$S(B 5 $B$N(B
$B<BAu$r4^$s$G$*$j(B, $B%Y!<%9%7%9%F%`(B (base system) $B$N0lItJ,$H$7$F(B,
$B%*%W%7%g%s$G%$%s%9%H!<%k$5$l$^$9(B. (Kerberos 5 $B$N<BAu$G$"$k(B
KTH Heimdal $B$O(B, $B8=:_!V<B83E*$J(B(experimental)$B!W%=%U%H%&%'%"$H$5$l$F$$$^$9(B.)

II.  $BLdBj$N>\:Y(B - Problem Description

1.1.1 $B$*$h$S$=$l0JA0$N%P!<%8%g%s$N(B MIT Kerberos 5 $B$N(B port $B$K$O(B,
$B%j%b!<%H$*$h$S%m!<%+%k$+$i0-MQ2DG=$J(B, $B$$$/$D$+$N(B
$B%P%C%U%!%*!<%P%U%m!<LdBj$,B8:_$9$k$?$a(B, root $B8"8B$,C%$o$l$k(B
$B4m81@-$,$"$j$^$9(B.

$B$?$@$7(B, FreeBSD $B$N(B $B%Y!<%9(B (base) $B%7%9%F%`$H$H$b$K=P2Y$5$l$F$$$k(B
Kerberos $B$N<BAu$O(B MIT Kerberos $B$H$OJL$K3+H/$5$l$F$$$k$b$N$G(B,
$B$3$l$i$NLdBj$K$h$k%;%-%e%j%F%#>e$N<eE@$OB8:_$7$J$$$H9M$($i$l$F$$$^$9(B.

$B$7$+$7(B, 1997 $BG/0J9_$NHs>o$K8E$$(B FreeBSD $B$N%j%j!<%9(B
(FreeBSD 2.2.5) $B$O(B, MIT $BM3Mh$N(B Kerberos $B$K6a$$<BAu(B ("eBones") $B$H$H$b$K(B
$B=P2Y$5$l$F$*$j(B, $B$*$=$i$/$3$3$K=q$+$l$F$$$kF1<o$N967b$KBP$9$k(B
$B%;%-%e%j%F%#>e$N<eE@$,B8:_$9$k$H;W$o$l$^$9(B.  $B8=:_$b$J$*(B FreeBSD 2.2.5 $B$r(B
$B;HMQ$7(B, $B%*%W%7%g%s$N(B Kerberos $B$NG[I[$r%$%s%9%H!<%k$7$F$$$k%f!<%6$O(B,
2.2.8-STABLE $B$"$k$$$O$=$l0J9_$N$b$N$K%"%C%W%0%l!<%I$9$k$3$H$r6/$/(B
$B$*$9$9$a$7$^$9(B. $B$?$@$7(B, FreeBSD 2.x $B$O(B, $B$9$G$K8x<0$K$O%5%]!<%H$5$l$F$$$J$$(B
$B%P!<%8%g%s$G$9(B. $B%;%-%e%j%F%#$K4X$9$k=$@5$bDs6!$5$l$J$$$3$H$KCm0U$7$F$/$@$5$$(B.

$B%G%U%)%k%H$G$O(B krb5 $B$N(B port $B$O%$%s%9%H!<%k$5$l$^$;$s$7(B,
$B$=$l<+BN$O!V(BFreeBSD $B$N0lIt!W$G$O$"$j$^$;$s(B: $B$3$l$O(B FreeBSD $B$N(B
ports $B%3%l%/%7%g%s$N0lIt$G(B, $B$=$l$i$O$9$0$K%$%s%9%H!<%k2DG=$J7A<0$N(B
$BLs(B 3300 $B<oN`$N%5!<%I%Q!<%F%#@=%"%W%j%1!<%7%g%s$G$9(B.
FreeBSD 4.0 $B$H$H$b$K=P2Y$5$l$?(B ports $B%3%l%/%7%g%s$O(B, 
$B%j%j!<%98e$KLdBj$,8+$D$+$C$?$?$a$K$3$NLdBj$r4^$s$G$$$^$9(B.

FreeBSD $B$G$O(B, $B$3$N$h$&$J%5!<%I%Q!<%F%#@=%"%W%j%1!<%7%g%s$N%;%-%e%j%F%#LdBj$K(B
$BBP$7$F(B, $BFC$K2?$+$r<gD%$9$k$3$H$O$"$j$^$;$s(B ($BLuCm(B: Ports Collection $B$KF~$C$F(B
$B$$$k$+$i$H$$$C$F(B, FreeBSD $B$N3+H/<T$?$A$,$=$N%"%W%j%1!<%7%g%s$,0BA4$G$"$k$H(B
$BI>2A$7$?$o$1$G$O$"$j$^$;$s(B). $B$?$@$7(B, $B%;%-%e%j%F%#LdBj$KBP$7$FBg$-$J1F6A$r(B
$B;}$D$h$&$J(B ports $B$KBP$9$k%;%-%e%j%F%#4F::$rDs6!$9$Y$/(B, $B8=:_EXNOCf$G$9(B. 

III. $B1F6AHO0O(B - Impact

krb5 $B$r2TF/$7$F$$$k%7%9%F%`>e$G(B, $B%m!<%+%k$"$k$$$O%j%b!<%H$N(B
$B%f!<%6$,(B root $B8"8B$N%"%/%;%9$rF@$k$3$H$,2DG=$G$9(B.

krb5 $B$N(B port $B$r%$%s%9%H!<%k$9$k$3$H$rA*Br$7$F$$$J$1$l$P(B,
$B$"$J$?$N%7%9%F%`$O$3$NLdBj$KBP$9$k@H<e@-$O$"$j$^$;$s(B.

IV.  $BBP1~:v(B - Workaround

$B$3$N@H<e@-$N@-<A$N$?$a(B, $B$$$/$D$+$N%W%m%0%i%`$d%M%C%H%o!<%/%5!<%S%9$,(B
$B1F6A$r<u$1$^$9(B. port $B$N:F9=C[$,:$Fq$G$"$l$P(B, $BDs0F$5$l$F$$$kBP1~:v(B
($B%5!<%S%9$NDd;_!&=$@5$*$h$S(B, $BLdBj$N$"$k%P%$%J%j$N(B setuid $B%Q!<%_%C%7%g%s$N(B
$B=|5n$r4^$s$G$$$^$9(B) $B$K4X$9$k(B MIT Kerberos $B$N4+9p$r;2>H$7$F$/$@$5$$(B.
$B$=$N4+9p$,$"$k>l=j$O(B, $B<!$N$H$*$j$G$9(B.

http://web.mit.edu/kerberos/www/advisories/krb4buf.txt

V.   $B=$@5=hCV(B - Solution  

1) ports $B%3%l%/%7%g%sA4BN$r%"%C%W%0%l!<%I$7(B, krb5 $B$N(B port $B$r(B
$B:F9=C[$7$F$/$@$5$$(B. $BM"=P5,@)$N$?$a(B package $B$ODs6!$5$l$F$$$^$;$s(B.

2) krb5 port $B$rMxMQ$9$k?7$7$$(B port $B%9%1%k%H%s$r<!$N>l=j$+$i(B
$B%@%&%s%m!<%I$7(B, port $B$r%j%S%k%I$7$F$/$@$5$$(B.

http://www.freebsd.org/ports/

3) $B>e$G%*%W%7%g%s(B (3) $B$r<+F02=$9$k$?$a$N%f!<%F%#%j%F%#$G$"$k(B
portcheckout $B$r;H$C$F$/$@$5$$(B. portcheckout  $B$N(B port $B$O(B
/usr/ports/devel/portcheckout $B$K$"$j$^$9(B. package $B$,(B

ftp://ftp.freebsd.org/pub/FreeBSD/ports/packages/devel/portcheckout-1.0.tgz

$B$+$iF~<j2DG=$G$9(B.
