[pkgsrc/pkgsrc-2005Q2]: pkgsrc/security/msf Pullup ticket 652 - requested by ...

To: pkgsrc-changes-hg%NetBSD.org@localhost
Subject: [pkgsrc/pkgsrc-2005Q2]: pkgsrc/security/msf Pullup ticket 652 - requested by ...
From: salo <salo%pkgsrc.org@localhost>
Date: Thu, 14 Oct 2021 01:58:58 +0000

details:   https://anonhg.NetBSD.org/pkgsrc/rev/2ea23b8c99e1
branches:  pkgsrc-2005Q2
changeset: 495932:2ea23b8c99e1
user:      salo <salo%pkgsrc.org@localhost>
date:      Wed Aug 03 23:15:40 2005 +0000

description:
Pullup ticket 652 - requested by Adrian Portelli
security fix for msf

Revisions pulled up:
- pkgsrc/security/msf/Makefile          1.7
- pkgsrc/security/msf/distinfo          1.6
- pkgsrc/security/msf/patches/patch-aa  1.1

   Module Name:         pkgsrc
   Committed By:        adrianp
   Date:                Sat Jul  2 12:12:33 UTC 2005

   Modified Files:
        pkgsrc/security/msf: Makefile PLIST distinfo

   Log Message:
   - The tarball has been updated but the version number not incremented,
     so deal with this.
   - No official changelog in the tarball for what's changed
   - PLIST fixes
   - Looks like:
        Updated certificate for online updates
        Updated exploits notably Solaris LPD Command Execution
        Fixes for console interface
---
   Module Name:         pkgsrc
   Committed By:        adrianp
   Date:                Wed Aug  3 20:37:44 UTC 2005

   Modified Files:
        pkgsrc/security/msf: Makefile distinfo
   Added Files:
        pkgsrc/security/msf/patches: patch-aa

   Log Message:
   Add patch to address msfweb "refang" security update
   Bump to nb2
   make pkglint happy

diffstat:

 security/msf/Makefile         |   8 +++++---
 security/msf/PLIST            |   5 ++++-
 security/msf/distinfo         |   9 +++++----
 security/msf/patches/patch-aa |  24 ++++++++++++++++++++++++
 4 files changed, 38 insertions(+), 8 deletions(-)

diffs (90 lines):

diff -r 5906be89ca47 -r 2ea23b8c99e1 security/msf/Makefile
--- a/security/msf/Makefile     Wed Aug 03 22:54:27 2005 +0000
+++ b/security/msf/Makefile     Wed Aug 03 23:15:40 2005 +0000
@@ -1,8 +1,9 @@
-# $NetBSD: Makefile,v 1.4 2005/05/17 17:23:59 adrianp Exp $
+# $NetBSD: Makefile,v 1.4.2.1 2005/08/03 23:15:40 salo Exp $
 #
 
 DISTNAME=      framework-2.4
 PKGNAME=       msf-2.4
+PKGREVISION=   2
 CATEGORIES=    security
 MASTER_SITES=  http://www.metasploit.com/tools/
 
@@ -10,11 +11,12 @@
 HOMEPAGE=      http://www.metasploit.com/
 COMMENT=       Platform for developing, testing, and using exploit code
 
-LICENSE=       inlineegg-license
-
 DEPENDS+=      p5-Net-SSLeay>=1.23:../../security/p5-Net-SSLeay
 DEPENDS+=      p5-Term-ReadLine>=1.14:../../devel/p5-Term-ReadLine
 
+DIST_SUBDIR=   ${PKGNAME}
+LICENSE=       inlineegg-license
+
 MSFDIR?=       ${PREFIX}/share/msf
 MSFDOC?=       ${PREFIX}/share/doc/msf
 MESSAGE_SUBST+= MSFDIR=${MSFDIR}
diff -r 5906be89ca47 -r 2ea23b8c99e1 security/msf/PLIST
--- a/security/msf/PLIST        Wed Aug 03 22:54:27 2005 +0000
+++ b/security/msf/PLIST        Wed Aug 03 23:15:40 2005 +0000
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.3 2005/05/17 17:23:59 adrianp Exp $
+@comment $NetBSD: PLIST,v 1.3.2.1 2005/08/03 23:15:40 salo Exp $
 share/doc/msf
 share/msf/docs/7f8d5320.0
 share/msf/docs/BUGS
@@ -71,6 +71,9 @@
 share/msf/exploits/Credits.pm
 share/msf/exploits/aim_goaway.pm
 share/msf/exploits/backupexec_ns.pm
+share/msf/exploits/bakbone_netvault_heap.pm
+share/msf/exploits/globalscapeftp_user_input.pm
+share/msf/exploits/warftpd_165_user.pm
 share/msf/exploits/icecast_header.pm
 share/msf/exploits/iis40_htr.pm
 share/msf/exploits/iis_fp30reg_chunked.pm
diff -r 5906be89ca47 -r 2ea23b8c99e1 security/msf/distinfo
--- a/security/msf/distinfo     Wed Aug 03 22:54:27 2005 +0000
+++ b/security/msf/distinfo     Wed Aug 03 23:15:40 2005 +0000
@@ -1,5 +1,6 @@
-$NetBSD: distinfo,v 1.4 2005/05/17 17:23:59 adrianp Exp $
+$NetBSD: distinfo,v 1.4.2.1 2005/08/03 23:15:40 salo Exp $
 
-SHA1 (framework-2.4.tar.gz) = 595f7d7af2858070de1849801a2e3cb717f47ac5
-RMD160 (framework-2.4.tar.gz) = f1c0f9c7b7b361096e320514d9900b076d696926
-Size (framework-2.4.tar.gz) = 2594132 bytes
+SHA1 (msf-2.4nb2/framework-2.4.tar.gz) = b09ec49e259d812805301dc9152175903e46beb3
+RMD160 (msf-2.4nb2/framework-2.4.tar.gz) = c2791c46d6c7b8ac9490acfb81f88f5be7105855
+Size (msf-2.4nb2/framework-2.4.tar.gz) = 2607730 bytes
+SHA1 (patch-aa) = 318c8136c22d95195ecd40071d36ae22af0807bb
diff -r 5906be89ca47 -r 2ea23b8c99e1 security/msf/patches/patch-aa
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/security/msf/patches/patch-aa     Wed Aug 03 23:15:40 2005 +0000
@@ -0,0 +1,24 @@
+$NetBSD: patch-aa,v 1.1.2.2 2005/08/03 23:15:40 salo Exp $
+
+--- msfweb.orig        2005-08-03 21:12:33.000000000 +0100
++++ msfweb     2005-08-03 21:04:52.000000000 +0100
+@@ -616,7 +616,18 @@
+     my $res = {};
+     
+     foreach (keys(%{$state})) {
+-        if (m/^OPT\_(.*)/ && defined($state->{$_})) { $res->{$1} = $state->{$_} }
++        if (m/^OPT\_(.*)/ && defined($state->{$_})) {
++                      my $name = $1;
++                      
++                      # Block all options starting with underscore (thanks Dino!)
++                      if ($name !~ /^_/) {
++                              $res->{$name} = $state->{$_};
++                      }
++                      else {
++                              # XXX - report a possible "refang" attack?
++                              next;
++                      }
++              }
+     }
+     return $res;
+ }

Prev by Date: [pkgsrc/pkgsrc-2005Q2]: pkgsrc/doc #636
Next by Date: [pkgsrc/trunk]: pkgsrc/pkgtools/pkglint/files Added an (undocumented) option ...
Previous by Thread: [pkgsrc/pkgsrc-2005Q2]: pkgsrc/doc #636
Next by Thread: [pkgsrc/trunk]: pkgsrc/pkgtools/pkglint/files Added an (undocumented) option ...
Indexes:

Home | Main Index | Thread Index | Old Index