1 | From root@fenrir.codigo23.lab Mon May 14 03:22:20 2012
|
---|
2 | Return-Path: <root@fenrir.codigo23.lab>
|
---|
3 | Received: from fenrir.codigo23.lab (localhost [127.0.0.1])
|
---|
4 | by fenrir.codigo23.lab (8.14.5/8.14.5) with ESMTP id q4D1MNxD038292
|
---|
5 | for <root@fenrir.codigo23.lab>; Sun, 13 May 2012 03:22:23 +0200 (CEST)
|
---|
6 | (envelope-from root@fenrir.codigo23.lab)
|
---|
7 | Received: (from root@localhost)
|
---|
8 | by fenrir.codigo23.lab (8.14.5/8.14.5/Submit) id q4D1MNLp038270
|
---|
9 | for root; Sun, 13 May 2012 03:22:23 +0200 (CEST)
|
---|
10 | (envelope-from root)
|
---|
11 | Date: Sun, 13 May 2012 03:22:23 +0200 (CEST)
|
---|
12 | From: Charlie Root <root@fenrir.codigo23.lab>
|
---|
13 | Message-Id: <201205130122.q4D1MNLp038270@fenrir.codigo23.lab>
|
---|
14 | To: root@fenrir.codigo23.lab
|
---|
15 | Subject: fenrir.codigo23.lab security run output
|
---|
16 |
|
---|
17 |
|
---|
18 | Checking setuid files and devices:
|
---|
19 |
|
---|
20 | Checking for uids of 0:
|
---|
21 | root 0
|
---|
22 | toor 0
|
---|
23 |
|
---|
24 | Checking for passwordless accounts:
|
---|
25 |
|
---|
26 | Checking login.conf permissions:
|
---|
27 |
|
---|
28 | Checking for ports with mismatched checksums:
|
---|
29 |
|
---|
30 | fenrir.codigo23.lab kernel log messages:
|
---|
31 | +++ /tmp/security.94lpgJ1k 2012-05-13 03:22:14.000000000 +0200
|
---|
32 | +Accounting disabled
|
---|
33 | +Accounting enabled
|
---|
34 | +Accounting disabled
|
---|
35 | +Accounting enabled
|
---|
36 |
|
---|
37 | fenrir.codigo23.lab login failures:
|
---|
38 |
|
---|
39 | fenrir.codigo23.lab refused connections:
|
---|
40 |
|
---|
41 | Checking for a current audit database:
|
---|
42 |
|
---|
43 | Database created: Sat May 12 03:20:04 CEST 2012
|
---|
44 |
|
---|
45 | Checking for packages with security vulnerabilities:
|
---|
46 |
|
---|
47 | Affected package: nvidia-driver-285.05.09
|
---|
48 | Type of problem: NVIDIA UNIX driver -- access to arbitrary system memory.
|
---|
49 | Reference: http://portaudit.FreeBSD.org/b91234e7-9a8b-11e1-b666-001636d274f3.html
|
---|
50 |
|
---|
51 | Affected package: chromium-15.0.874.121
|
---|
52 | Type of problem: chromium -- multiple vulnerabilities.
|
---|
53 | Reference: http://portaudit.FreeBSD.org/94c0ac4f-9388-11e1-b242-00262d5ed8ee.html
|
---|
54 |
|
---|
55 | Affected package: firefox-8.0,1
|
---|
56 | Type of problem: mozilla -- multiple vulnerabilities.
|
---|
57 | Reference: http://portaudit.FreeBSD.org/380e8c56-8e32-11e1-9580-4061862b8c22.html
|
---|
58 |
|
---|
59 | Affected package: png-1.4.8
|
---|
60 | Type of problem: png -- memory corruption/possible remote code execution.
|
---|
61 | Reference: http://portaudit.FreeBSD.org/262b92fe-81c8-11e1-8899-001ec9578670.html
|
---|
62 |
|
---|
63 | Affected package: freetype2-2.4.7
|
---|
64 | Type of problem: freetype -- multiple vulnerabilities.
|
---|
65 | Reference: http://portaudit.FreeBSD.org/462e2d6c-8017-11e1-a571-bcaec565249c.html
|
---|
66 |
|
---|
67 | Affected package: mutt-devel-1.5.21_3
|
---|
68 | Type of problem: mutt-devel -- failure to check SMTP TLS server certificate.
|
---|
69 | Reference: http://portaudit.FreeBSD.org/49314321-7fd4-11e1-9582-001b2134ef46.html
|
---|
70 |
|
---|
71 | Affected package: chromium-15.0.874.121
|
---|
72 | Type of problem: chromium -- multiple vulnerabilities.
|
---|
73 | Reference: http://portaudit.FreeBSD.org/057130e6-7f61-11e1-8a43-00262d5ed8ee.html
|
---|
74 |
|
---|
75 | Affected package: chromium-15.0.874.121
|
---|
76 | Type of problem: chromium -- multiple vulnerabilities.
|
---|
77 | Reference: http://portaudit.FreeBSD.org/b8f0a391-7910-11e1-8a43-00262d5ed8ee.html
|
---|
78 |
|
---|
79 | Affected package: raptor2-2.0.4_1
|
---|
80 | Type of problem: raptor/raptor2 -- XXE in RDF/XML File Interpretation.
|
---|
81 | Reference: http://portaudit.FreeBSD.org/60f81af3-7690-11e1-9423-00235a5f2c9a.html
|
---|
82 |
|
---|
83 | Affected package: chromium-15.0.874.121
|
---|
84 | Type of problem: chromium -- multiple vulnerabilities.
|
---|
85 | Reference: http://portaudit.FreeBSD.org/330106da-7406-11e1-a1d7-00262d5ed8ee.html
|
---|
86 |
|
---|
87 | Affected package: libtasn1-2.11
|
---|
88 | Type of problem: libtasn1 -- ASN.1 length decoding vulnerability.
|
---|
89 | Reference: http://portaudit.FreeBSD.org/2e7e9072-73a0-11e1-a883-001cc0a36e12.html
|
---|
90 |
|
---|
91 | Affected package: gnutls-2.12.14
|
---|
92 | Type of problem: libtasn1 -- ASN.1 length decoding vulnerability.
|
---|
93 | Reference: http://portaudit.FreeBSD.org/2e7e9072-73a0-11e1-a883-001cc0a36e12.html
|
---|
94 |
|
---|
95 | Affected package: gnutls-2.12.14
|
---|
96 | Type of problem: gnutls -- possible overflow/Denial of service vulnerabilities.
|
---|
97 | Reference: http://portaudit.FreeBSD.org/aecee357-739e-11e1-a883-001cc0a36e12.html
|
---|
98 |
|
---|
99 | Affected package: firefox-8.0,1
|
---|
100 | Type of problem: mozilla -- multiple vulnerabilities.
|
---|
101 | Reference: http://portaudit.FreeBSD.org/a1050b8b-6db3-11e1-8b37-0011856a6e37.html
|
---|
102 |
|
---|
103 | Affected package: portaudit-0.5.17
|
---|
104 | Type of problem: portaudit -- auditfile remote code execution.
|
---|
105 | Reference: http://portaudit.FreeBSD.org/6d329b64-6bbb-11e1-9166-001e4f0fb9b1.html
|
---|
106 |
|
---|
107 | Affected package: chromium-15.0.874.121
|
---|
108 | Type of problem: chromium -- Errant plug-in load and GPU process memory corruption.
|
---|
109 | Reference: http://portaudit.FreeBSD.org/ab1f515d-6b69-11e1-8288-00262d5ed8ee.html
|
---|
110 |
|
---|
111 | Affected package: chromium-15.0.874.121
|
---|
112 | Type of problem: chromium -- cross-site scripting vulnerability.
|
---|
113 | Reference: http://portaudit.FreeBSD.org/1015e1fe-69ce-11e1-8288-00262d5ed8ee.html
|
---|
114 |
|
---|
115 | Affected package: chromium-15.0.874.121
|
---|
116 | Type of problem: chromium -- multiple vulnerabilities.
|
---|
117 | Reference: http://portaudit.FreeBSD.org/99aef698-66ed-11e1-8288-00262d5ed8ee.html
|
---|
118 |
|
---|
119 | Affected package: postgresql-client-8.4.10
|
---|
120 | Type of problem: databases/postgresql*-client -- multiple vulnerabilities.
|
---|
121 | Reference: http://portaudit.FreeBSD.org/174b8864-6237-11e1-be18-14dae938ec40.html
|
---|
122 |
|
---|
123 | Affected package: libxml2-2.7.8_1
|
---|
124 | Type of problem: libxml2 -- heap buffer overflow.
|
---|
125 | Reference: http://portaudit.FreeBSD.org/57f1a624-6197-11e1-b98c-bcaec565249c.html
|
---|
126 |
|
---|
127 | Affected package: chromium-15.0.874.121
|
---|
128 | Type of problem: chromium -- multiple vulnerabilities.
|
---|
129 | Reference: http://portaudit.FreeBSD.org/2f5ff968-5829-11e1-8288-00262d5ed8ee.html
|
---|
130 |
|
---|
131 | Affected package: python24-2.4.5_8
|
---|
132 | Type of problem: Python -- DoS via malformed XML-RPC / HTTP POST request.
|
---|
133 | Reference: http://portaudit.FreeBSD.org/b4f8be9e-56b2-11e1-9fb7-003067b2972c.html
|
---|
134 |
|
---|
135 | Affected package: chromium-15.0.874.121
|
---|
136 | Type of problem: chromium -- multiple vulnerabilities.
|
---|
137 | Reference: http://portaudit.FreeBSD.org/fe1976c2-5317-11e1-9e99-00262d5ed8ee.html
|
---|
138 |
|
---|
139 | Affected package: firefox-8.0,1
|
---|
140 | Type of problem: mozilla -- multiple vulnerabilities.
|
---|
141 | Reference: http://portaudit.FreeBSD.org/0a9e2b72-4cb7-11e1-9146-14dae9ebcf89.html
|
---|
142 |
|
---|
143 | Affected package: sudo-1.8.3_1
|
---|
144 | Type of problem: sudo -- format string vulnerability.
|
---|
145 | Reference: http://portaudit.FreeBSD.org/7c920bb7-4b5f-11e1-9f47-00e0815b8da8.html
|
---|
146 |
|
---|
147 | Affected package: chromium-15.0.874.121
|
---|
148 | Type of problem: chromium -- multiple vulnerabilities.
|
---|
149 | Reference: http://portaudit.FreeBSD.org/33d73d59-4677-11e1-88cd-00262d5ed8ee.html
|
---|
150 |
|
---|
151 | Affected package: wireshark-1.6.2
|
---|
152 | Type of problem: Wireshark -- Multiple vulnerabilities.
|
---|
153 | Reference: http://portaudit.FreeBSD.org/3ebb2dc8-4609-11e1-9f47-00e0815b8da8.html
|
---|
154 |
|
---|
155 | Affected package: ffmpeg-0.7.8,1
|
---|
156 | Type of problem: ffmpeg -- multiple vulnerabilities.
|
---|
157 | Reference: http://portaudit.FreeBSD.org/ea2ddc49-3e8e-11e1-8095-5404a67eef98.html
|
---|
158 |
|
---|
159 | Affected package: chromium-15.0.874.121
|
---|
160 | Type of problem: chromium -- multiple vulnerabilities.
|
---|
161 | Reference: http://portaudit.FreeBSD.org/1a1aef8e-3894-11e1-8b5c-00262d5ed8ee.html
|
---|
162 |
|
---|
163 | Affected package: firefox-8.0,1
|
---|
164 | Type of problem: mozilla -- multiple vulnerabilities.
|
---|
165 | Reference: http://portaudit.FreeBSD.org/e3ff776b-2ba6-11e1-93c6-0011856a6e37.html
|
---|
166 |
|
---|
167 | Affected package: chromium-15.0.874.121
|
---|
168 | Type of problem: chromium -- multiple vulnerabilities.
|
---|
169 | Reference: http://portaudit.FreeBSD.org/68ac6266-25c3-11e1-b63a-00262d5ed8ee.html
|
---|
170 |
|
---|
171 | Affected package: libXfont-1.4.4,1
|
---|
172 | Type of problem: libXfont -- possible local privilege escalation.
|
---|
173 | Reference: http://portaudit.FreeBSD.org/304409c3-c3ef-11e0-8aa5-485d60cb5385.html
|
---|
174 |
|
---|
175 | 32 problem(s) in your installed packages found.
|
---|
176 |
|
---|
177 | You are advised to update or deinstall the affected package(s) immediately.
|
---|
178 |
|
---|
179 | -- End of security output --
|
---|