FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

FreeBSD -- Multiple portsnap vulnerabilities

Affected packages
11.0 <= FreeBSD < 11.0_1
10.3 <= FreeBSD < 10.3_10
10.2 <= FreeBSD < 10.2_23
10.1 <= FreeBSD < 10.1_40
9.3 <= FreeBSD < 9.3_48

Details

VuXML ID e7dcd69d-8ee6-11e6-a590-14dae9d210b8
Discovery 2016-10-10
Entry 2016-10-10

Problem Description:

Flaws in portsnap's verification of downloaded tar files allow additional files to be included without causing the verification to fail. Portsnap may then use or execute these files.

Impact:

An attacker who can conduct a man-in-the-middle attack on the network at the time portsnap is run can cause portsnap to execute arbitrary commands under the credentials of the user who runs portsnap, typically root.
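The class of gap described above (an archive that passes verification while carrying files nobody checked) is closed by treating the trusted manifest as an allowlist and rejecting the archive before anything is extracted. The sketch below is an added example, not portsnap's code or the fix from the advisory; the manifest format (member name mapped to SHA-256 digest), the function names and the sample files are assumptions made for illustration.

```python
import hashlib
import io
import tarfile


def verify_archive(tar_bytes, manifest):
    """Return a list of problems; an empty list means the archive matches.

    manifest: member name -> expected SHA-256 hex digest (assumed format,
    standing in for an index the client has already authenticated).
    """
    problems, seen = [], set()
    with tarfile.open(fileobj=io.BytesIO(tar_bytes), mode="r:*") as tar:
        for member in tar:
            name = member.name
            if name not in manifest:
                # The allowlist check: anything not listed fails the archive.
                problems.append(f"unexpected member: {name}")
            elif name in seen:
                # A second copy of a listed name could shadow the verified one.
                problems.append(f"duplicate member: {name}")
            elif not member.isreg():
                seen.add(name)
                problems.append(f"not a regular file: {name}")
            else:
                seen.add(name)
                data = tar.extractfile(member).read()
                if hashlib.sha256(data).hexdigest() != manifest[name]:
                    problems.append(f"hash mismatch: {name}")
    for name in sorted(set(manifest) - seen):
        problems.append(f"missing member: {name}")
    return problems


def build_tar(files):
    """Build an in-memory tar from (name, bytes) pairs (constructed input)."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        for name, data in files:
            info = tarfile.TarInfo(name)
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))
    return buf.getvalue()


# Constructed sample data: two expected files and their digests.
EXPECTED = [("INDEX", b"index contents\n"), ("files/a.gz", b"port data\n")]
MANIFEST = {n: hashlib.sha256(d).hexdigest() for n, d in EXPECTED}

if __name__ == "__main__":
    padded = build_tar(EXPECTED + [("extra.sh", b"echo not in manifest\n")])
    print(verify_archive(build_tar(EXPECTED), MANIFEST))
    print(verify_archive(padded, MANIFEST))
```

A verifier that only checks the files it expects to find would accept the padded archive; the comparison has to run in both directions, manifest against archive and archive against manifest.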

References

FreeBSD Advisory SA-16:30.portsnap