COMMAND

    AfterStep (Asmon/Ascpu ports)

SYSTEMS AFFECTED

    FreeBSD ports collection before 2000-01-29

PROBLEM

    Following is  based on  FreeBSD Security  Advisory.   Two optional
    third-party ports distributed with FreeBSD can be used to  execute
    commands  with  elevated  privileges,  specifically  setgid   kmem
    privileges.  This may lead to a local root compromise.

    Asmon and ascpu allow users to execute arbitrary commands as  part
    of a user configuration file.  Both applications are Linux-centric
    as distributed  by the  vendor and  require patching  to run under
    FreeBSD (specifically,  using the  kvm interface  and setgid  kmem
    privileges to  obtain system  statistics); this  patching was  the
    source of the  present security problem.   This is a  similar flaw
    to one found in the wmmon port, which was corrected on 1999/12/31.

    Note that neither  utility is installed  by default, nor  are they
    "part of  FreeBSD" as  such: they  are part  of the  FreeBSD ports
    collection, which contains  over 3100 third-party  applications in
    a ready-to-install format.

    If  you  have   not  chosen  to   install  the  asmon   or   ascpu
    ports/packages, then your system is not vulnerable.  If you  have,
    then local users can obtain setgid kmem rights, which allows  them
    to manipulate kernel memory, and thereby compromise root.

SOLUTION

    Remove the asmon and  ascpu ports/packages, if you  have installed
    them.  Solution is one of the following:

    1) Upgrade  your  entire  ports  collection and rebuild the  asmon
       and/or ascpu ports.

    2) Reinstall a new package obtained from:

        ftp://ftp.freebsd.org/pub/FreeBSD/ports/packages/sysutils/asmon-0.60.tgz
        ftp://ftp.freebsd.org/pub/FreeBSD/ports/packages/sysutils/ascpu-1.8.tgz

       after the correction date. At the time of advisory release, the
       asmon package was not  available - you may  need to use one  of
       the other methods to update the software.

    3) download a new port  skeleton for the asmon and/or  ascpu ports
       from:

        http://www.freebsd.org/ports/

       and use it to rebuild one or both ports.

    4) Use the portcheckout utility to automate option (3) above.  The
       portcheckout port is available in /usr/ports/devel/portcheckout
       or the package can be obtained from:

        ftp://ftp.freebsd.org/pub/FreeBSD/ports/packages/devel/portcheckout-2.0.tgz