This is a problem because all releases of FreeBSD up to and including 4.8-RELEASE and 5.0-RELEASE are affected, and OpenSSH is listed as one of the programs affected by this bug. The fix is to upgrade your system to 5.1 RELEASE or the respective security releases of 4.7 and 4.8 RELEASE, or apply the patch given in the advisory.
Monday, August 11, 2003
Vulnerability in Realpath(3) Function Could Lead to Remote Root Compromise
I just read the FreeBSD security advisory on the realpath(3) function, which "is used to determine the canonical, absolute pathname from a given pathname which may contain extra "/" characters, references to ""/." or "/../", or references to symbolic links. The realpath(3) function is part of the FreeBSD Standard C Library. . . Applications using realpath(3) MAY be vulnerable to denial of service attacks, remote code execution, and/or privilege escalation."