Mark BROKEN due to buffer overflow yielding root to members of wheel. There's

also an overflow with ospf_monitor which may result in being able to corrupt routing traffic (which I've reported to the developers) According to the docs, gdc shouldn't be installed root:wheel and setuid, but put into its own gdmaint group. This still doesn't prevent people in that group from gaining root, though. Submitted by: Brock Tellier <btellier@usa.net> (gdc bug)
author: Kris Kennaway <kris@FreeBSD.org> 1999-12-01 19:30:42 +0000
committer: Kris Kennaway <kris@FreeBSD.org> 1999-12-01 19:30:42 +0000
commit: 7bd7b1c944ca2b68cb29d0070acaf26ba618a8a7 (patch)
tree: 16dbb8d1889ff4d5a46ce592112237736fa001f6 /net
parent: Mark BROKEN due to buffer overflow yielding setuid uucp (diff)
1 files changed, 2 insertions, 0 deletions
diff --git a/net/gated/Makefile b/net/gated/Makefile
index cb479f30ec1c..2dec6d37e7cc 100644
--- a/net/gated/Makefile
+++ b/net/gated/Makefile
@@ -13,6 +13,8 @@ MASTER_SITES=   ftp://ftp.gated.merit.edu/net-research/gated/
 
 MAINTAINER=	peter@FreeBSD.org
 
+BROKEN=		Security hole (buffer overflow possibly yielding root)
+
 ALL_TARGET=	gated
 MAN8=		gated.8 ripquery.8 ospf_monitor.8 gdc.8
author	Kris Kennaway <kris@FreeBSD.org>	1999-12-01 19:30:42 +0000
committer	Kris Kennaway <kris@FreeBSD.org>	1999-12-01 19:30:42 +0000
commit	7bd7b1c944ca2b68cb29d0070acaf26ba618a8a7 (patch)
tree	16dbb8d1889ff4d5a46ce592112237736fa001f6 /net
parent	Mark BROKEN due to buffer overflow yielding setuid uucp (diff)