FreeBSD issues five security advisories for Christmas
"The timing, to put it bluntly, sucks," said Colin Percival, FreeBSD Security Officer, in a posting explaining why the FreeBSD developers had to issue five security advisories on the Friday before Christmas. According to Percival, the developers had to do it because one of the flaws, a remote root vulnerability in telnetd, was being actively exploited in the wild, and, while "most people have moved past telnet and on to SSH by now", the security problem was not "an issue we could postpone until a more convenient time".
The telnetd advisory notes that the daemon has been disabled by default in FreeBSD since August 2001 and that, although there is no workaround, simply disabling the telnetd daemon eliminates the possibility of an attacker using it to run arbitrary code with the daemon's privileges. The other advisories concern the pam module not correctly validating service names, the pam_ssh module improperly granting access when an account has unencrypted SSH private keys, ftpd under chroot allowing code execution, and a named remote denial of service. All currently supported versions of FreeBSD are affected, and binary patches are available for FreeBSD 7.4, 7.3, 8.2 and 8.1 (installed using the freebsd-update command). Other mitigations and further patch information are contained within each of the advisories.
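As an added example, not code from the article or from the FreeBSD project, here is a small POSIX shell check for the telnetd mitigation the advisory describes: whether telnetd is actually reachable on a host. It assumes the stock FreeBSD layout in which telnetd is launched from /etc/inetd.conf and inetd itself is switched on by inetd_enable="YES" in /etc/rc.conf; the configuration files it reads are constructed samples so that it runs stand-alone, and the freebsd-update commands at the end are shown in comments rather than executed.

```shell
# Added example (not from the article): decide whether telnetd is enabled
# on a FreeBSD host. Assumes the stock layout: telnetd is started by inetd
# from /etc/inetd.conf, and inetd is enabled via inetd_enable="YES" in
# /etc/rc.conf. Both paths are passed in so the check runs on sample files.

# Return 0 if the given inetd.conf has an uncommented telnet service line.
telnet_enabled_in_inetd() {
  grep -Eq '^[[:space:]]*telnet[[:space:]]' "$1"
}

# Return 0 if the given rc.conf enables inetd (inetd_enable="YES").
inetd_enabled_in_rc() {
  grep -Eq '^[[:space:]]*inetd_enable="?YES"?' "$1"
}

# telnetd is reachable only if both conditions hold.
telnetd_exposed() {
  telnet_enabled_in_inetd "$1" && inetd_enabled_in_rc "$2"
}

# Constructed sample files (not a real host's configuration).
tmp=$(mktemp -d)
cat > "$tmp/inetd_default.conf" <<'EOF'
#telnet  stream  tcp     nowait  root    /usr/libexec/telnetd    telnetd
ftp      stream  tcp     nowait  root    /usr/libexec/ftpd       ftpd -l
EOF
cat > "$tmp/inetd_enabled.conf" <<'EOF'
telnet   stream  tcp     nowait  root    /usr/libexec/telnetd    telnetd
EOF
printf 'inetd_enable="YES"\n' > "$tmp/rc_inetd_on.conf"
printf 'inetd_enable="NO"\n'  > "$tmp/rc_inetd_off.conf"

# Human-readable verdict for one (inetd.conf, rc.conf) pair.
report() {
  if telnetd_exposed "$1" "$2"; then
    echo "$1: telnetd ENABLED - comment out the telnet line and restart inetd"
  else
    echo "$1: telnetd not enabled via inetd"
  fi
}
report "$tmp/inetd_default.conf" "$tmp/rc_inetd_on.conf"
report "$tmp/inetd_enabled.conf" "$tmp/rc_inetd_on.conf"

# Applying the binary patches on a supported release (run as root; these are
# the real freebsd-update subcommands, listed here rather than executed):
#   freebsd-update fetch
#   freebsd-update install
```

On a real host the two functions would be pointed at /etc/inetd.conf and /etc/rc.conf; a service enabled through some other mechanism (a third-party supervisor, a custom rc script) would not be caught by this inetd-centric check, which is why the advisory's own guidance to disable the daemon outright is the safer route.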