[nycbug-talk] Fwd: Merry Christmas from the FreeBSD Security Team
George Rosamond
george at ceetonetechnology.com
Sat Dec 24 15:54:43 EST 2011
On 12/24/11 15:04, Jesse Callaway wrote:
> telnet might be useful for running things like machinery such as a
> generator or maybe an industrial centrifuge...
> of course such things only run in a network which is properly firewalled.
> an internal private network where node based security need not be worried
> about in the first place.
Yeah, very valid point. Mock telnet all you want, but it's still there.
Same with ftp. Rumor has it lots of trading data moves between the
various players by ftp. Still.
Of course, there were other vulnerabilities revealed, like the pam and
libc-related stuff.
I had no problem updating boxes from source with make with FreeBSD 7.x
and 8.x, but freebsd-update seemed to bork, as I mentioned earlier, with
libc stuff on both 7.x and 8.x.
/usr/src/lib/libc/gen/libc_dlopen.c
This 'cheat' solves it. . . but icky.
http://icesquare.com/wordpress/freebsd-updateinstalling-updates-install-usrsrcliblibcgenlibc_dlopen-c-no-such-file-or-directory/
g
More information about the talk
mailing list