From owner-doc-jp@jp.freebsd.org  Sat Sep  9 08:52:10 2000
Received: (from daemon@localhost)
	by castle.jp.freebsd.org (8.9.3+3.2W/8.7.3) id IAA30044;
	Sat, 9 Sep 2000 08:52:10 +0900 (JST)
	(envelope-from owner-doc-jp@jp.FreeBSD.org)
Received: from sv01.geocities.co.jp (sv01.geocities.co.jp [210.153.89.155])
	by castle.jp.freebsd.org (8.9.3+3.2W/8.7.3) with ESMTP id IAA30039
	for <doc-jp@jp.freebsd.org>; Sat, 9 Sep 2000 08:52:10 +0900 (JST)
	(envelope-from hrs@geocities.co.jp)
Received: from mail.geocities.co.jp (mail.geocities.co.jp [210.153.89.137]) by sv01.geocities.co.jp (8.9.3+3.2W/3.7W) with ESMTP id IAA01864 for <doc-jp@jp.freebsd.org>; Sat, 9 Sep 2000 08:52:10 +0900 (JST)
Received: from mail.hrs.jp (sutnmax1-ppp08.ed.noda.sut.ac.jp [133.31.173.18]) by mail.geocities.co.jp (1.3G-GeocitiesJ-3.3) with ESMTP id IAA18519 for <doc-jp@jp.freebsd.org>; Sat, 9 Sep 2000 08:52:05 +0900 (JST)
Message-Id: <200009082352.IAA18519@mail.geocities.co.jp>
Received: from localhost (alph.hrs.jp [192.168.0.10])
	by mail.hrs.jp (8.9.3/3.7W/DomainMaster) with ESMTP id IAA30645
	for <doc-jp@jp.freebsd.org>; Sat, 9 Sep 2000 08:13:09 +0900 (JST)
	(envelope-from hrs@hrs.jp)
To: doc-jp@jp.freebsd.org
X-Mailer: Mew version 1.94.1 on Emacs 19.34 / Mule 2.3 (SUETSUMUHANA)
Mime-Version: 1.0
Content-Type: Multipart/Mixed;
 boundary="--Next_Part(Sat_Sep__9_08:11:58_2000_809)--"
Content-Transfer-Encoding: 7bit
Date: Sat, 09 Sep 2000 08:13:08 +0900
From: Hiroki Sato <hrs@geocities.co.jp>
X-Dispatcher: imput version 990905(IM130)
Lines: 229
Reply-To: doc-jp@jp.freebsd.org
Precedence: list
X-Distribute: distribute version 2.1 (Alpha) patchlevel 24e+000315
X-Sequence: doc-jp 7687
Subject: [doc-jp 7687] Notes on translation of FreeBSD-SAs
Errors-To: owner-doc-jp@jp.freebsd.org
Sender: owner-doc-jp@jp.freebsd.org
X-Originator: hrs@geocities.co.jp

----Next_Part(Sat_Sep__9_08:11:58_2000_809)--
Content-Type: Text/Plain; charset=iso-2022-jp
Content-Transfer-Encoding: 7bit

$B:4F#!wEl5~M}2JBg3X$G$9!#(B

 security advisory $B$NK]Lu$K4X$9$k%,%$%I$_$?$$$J$b$N$r(B
 $B4JC1$K$^$H$a$^$7$?!#(B

 $B=>Mh$H$$$/$D$+JQ99$7$?E@$,$"$j$^$9!#(B

  * $B%X%C%@(B

    $B%_%i!<%5%$%H$N0FFb$G$9$,!":#2s$N$b$N$N$h$&$KK\J8Cf$K(B
    $B2?EY$bF~$l$k$N$O<j4V$,$+$+$k$N$G%X%C%@$KF~$l$F$_$^$7$?!#(B
    $B$^$?!"F|K\8lHG$N4+9p$N%j%s%/$r$^$H$a$F$$$k%Z!<%8$N>R2p$b(B
    $B4^$a$F$"$j$^$9!#(B

     # $B$A$g$C$HD9$$$N$,5$$K$J$C$F$^$9$1$I!#(B

  * $B%;%/%7%g%s%?%$%H%k(B

    $B:#2s$+$i(B Workaround $B$H(B Solution $B$rJQ99$7$^$7$?!#(B

  * $B%j%s%/$NJ;5-%k!<%k$NDI2C(B

    $BF|K\8lHG$N$"$k$b$N$O!"$J$k$Y$/$=$l$rJ;5-$9$k%k!<%k$r(B
    $BDI2C$7$F$$$^$9!#(B

--
| $B:4F#(B $B9-@8!wEl5~M}2JBg3X(B <hrs@geocities.co.jp>
|
|                                sato@sekine00.ee.noda.sut.ac.jp(UNIV)
|                                     hrs@FreeBSD.org(FreeBSD Project)

----Next_Part(Sat_Sep__9_08:11:58_2000_809)--
Content-Type: Text/Plain; charset=iso-2022-jp
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment; filename="freebsd-sa.txt"

$hrs: FreeBSD-SA/freebsd-sa.txt,v 1.1 2000/09/08 23:00:33 hrs Exp $

FreeBSD Securiy Advisory $BK]Lu%a%b(B
---------------------------------

$B$3$l$O(B FreeBSD Security Advisory $B$NK]Lu:n6H$K$*$1$k(B
$BCm0UE@$K$D$$$F(B, $B:4F#$,8D?ME*$K$^$H$a$?%a%b$G$9(B.

1) $B%X%C%@(B

 $B$^$:!"K]LuHG$N%X%C%@$rDI2C$7$^$9!#$=$N%X%C%@$K$O!"(B

  * announce-jp $B$KN.$l$?%a!<%k$N%a!<%k%X%C%@(B
  * $BK]Lu$O;29M;qNA$G$"$j!"4+9p$H$7$FM-8z$J$N$O86J8$G$"$k$3$H$r(B
    $BL@5-$7$?Cm0U=q$-(B
  * $B%_%i!<%5%$%H$N0FFb(B

 $B$rF~$l$F$/$@$5$$!#(B

 $B40A4$JNc$r0J2<$K<($7$^$9!#(B

-*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*-
 $B$3$N%a!<%k$O(B, announce-jp $B$KN.$l$?(B

  Subject: ANNOUNCE: FreeBSD Security Advisory: FreeBSD-SA-00:34.dhclient
  From: FreeBSD Security Advisories <security-advisories@freebsd.org>
  Date: Mon, 14 Aug 2000 15:48:48 -0700 (PDT)
  Message-Id: <20000814224848.4311837B69B@hub.freebsd.org>
  X-Sequence: announce-jp 502

 $B$rF|K\8lLu$7$?$b$N$G$9(B. 

 $B$3$N4+9p$NCf$G>R2p$5$l$F$$$k(B WWW $B%5%$%H(B http://www.FreeBSD.org/ $B$*$h$S(B
 FTP $B%5%$%H(B ftp://ftp.FreeBSD.org/ $B$K$O(B, $BF|K\$N%_%i!<%5%$%H$,B8:_$7$^$9(B.
 $B%_%i!<%5%$%H$rMxMQ$9$k$K$O(B,
 http://www.FreeBSD.org/ $B$r(B http://www.jp.FreeBSD.org/www.freebsd.org/ $B$K(B,
 ftp://ftp.FreeBSD.org/ $B$r(B ftp://ftp.jp.FreeBSD.org/ $B$K(B,
 $B$=$l$>$lCV$-49$($F$/$@$5$$(B.

 $B%M%C%H%o!<%/$N:.;($r4KOB$9$k$?$a(B, $B$^$:$O%_%i!<%5%$%H$NMxMQ$r(B
 $B9MN8$9$k$h$&$*4j$$$7$^$9(B.  $B%_%i!<%5%$%H$K4X$9$k>\:Y$O(B

  http://www.FreeBSD.org/handbook/mirror.html ($B1QJ8(B)
  http://www.FreeBSD.org/www.freebsd.org/ja/handbook/mirror.html ($BF|K\8lLu(B)

 $B$K(B, $B$^$?(B, $B2a5n$NF|K\8lHG%;%-%e%j%F%#4+9p$O(B

  http://www.FreeBSD.org/www.freebsd.org/ja/security/

 $B$K$^$H$a$i$l$F$$$^$9(B.

 $B86J8$O(B PGP $B=pL>$5$l$F$$$^$9$,(B, $B$3$NF|K\8lLu$O(B PGP $B=pL>$5$l$F$$$^$;$s(B. 
 $B%Q%C%AEy$NFbMF$,2~cb$5$l$F$$$J$$$3$H$r3NG'$9$k$?$a$K(B PGP $B$N%A%'%C%/$r(B
 $B9T$J$&$K$O(B, $B86J8$r;2>H$7$F$/$@$5$$(B. 

 $BF|K\8lLu$O(B FreeBSD $BF|K\8l%I%-%e%a%s%F!<%7%g%s%W%m%8%'%/%H(B (doc-jp) $B$,;29M$N(B
 $B$?$a$KDs6!$9$k$b$N$G(B, doc-jp $B$O(B $B$=$NFbMF$K$D$$$F$$$+$J$kJ]>Z$b$$$?$7$^$;$s(B.
 $BF|K\8lLu$K$D$$$F$N$*Ld$$9g$o$;$O(B doc-jp@jp.FreeBSD.org $B$^$G$*4j$$$7$^$9(B.

--($B$3$3$+$i(B)
-*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*-

2) Security Advisory $B%X%C%@(B

$BBPLuI=$O<!$N$H$*$j$G$9(B.

Topics          $B%H%T%C%/(B
Category        $BJ,N`(B
Module          $B%b%8%e!<%k(B
Announced       $B9pCNF|(B
Affect          $B1F6AHO0O(B
Credit          $B%/%l%8%C%H(B
Vender Status   $B%Y%s%@$NBP1~(B
Corrented       $B=$@5F|(B
FreeBSD only    FreeBSD $B$K8GM-$+(B

 $B2a5n$N$b$N$NB?$/$O!"%H%T%C%/!"%b%8%e!<%k$rK]Lu$7$F$$$^$;$s!#(B
 $B%H%T%C%/$NK]Lu$O9%$_$NJ,$+$l$k$H$3$m$@$H;W$o$l$^$9$,!"(B
 $B%b%8%e!<%k$NK]Lu$OI,MW$J$$$G$7$g$&!#(B

3) $B%;%/%7%g%s%?%$%H%k(B

$BBPLuI=$O<!$N$H$*$j$G$9(B.

Background              $BGX7J(B
Problem Description     $BLdBj$N>\:Y(B
Impact                  $B1F6AHO0O(B
Workaround              $B2sHrJ}K!(B
Solution                $B2r7h:v(B

4) $BK]Lu$N:]$NCm0UE@(B

 $B4pK\E*$K86J8$K1h$C$FK]Lu$9$l$P(B OK $B$G$9!#(B
 $B6gFIE@$O(B "," $B$H(B "." $B$KE}0l$7$F$/$@$5$$!#(B
 $B2DFI@-$r9b$a$k$?$a!"6gFIE@$N8e$K$O6uGr$rF~$l$k$HNI$$$G$7$g$&!#(B

 $BJ8>O$K$O3F4+9p$G$[$H$s$IF1$8Dj7?ItJ,$,B8:_$7$^$9$N$G!"(B
 $B$=$NItJ,$NK]Lu$K$O!"2a5n$NK]Lu$,;29M$K$J$k$H;W$$$^$9!#(B

 $B$^$?!";qNA$X$N%j%s%/$O!"BP1~$9$kF|K\8l;qNA$,$"$l$P(B

  http://www.FreeBSD.org/ ($B1QJ8(B)
  http://www.jp.FreeBSD.org/www.freebsd.org/ ($BF|K\8lLu(B)

 $B$N$h$&$K!"F|K\8lLu$X$N%j%s%/$rJ;5-$7$F$/$@$5$$!#(B

 $B86J8$K8m$j$H;W$o$l$kItJ,$rH/8+$7$?$i!"LuCm$rF~$l$F$/$@$5$$!#(B
 $B4+9p<+BN$,(B [REVISED] $B$H$7$F:FH/9T$5$l$k$3$H$b$"$j$^$9$N$G!"(B
 $B8m$j$+$I$&$+H=CG$,Fq$7$1$l$P!"(Bdoc-jp@jp.FreeBSD.org $B$NJ}$X(B
 $BAjCL$9$k$HNI$$$G$7$g$&!#(B

5) $BNI$/;H$o$l$kMQ8l$HLu(B

 $B%;%-%e%j%F%#4XO"$GNI$/EP>l$9$kMQ8l$G!"2a5n$N4+9p$NK]Lu$J$I$G(B
 $B:4F#(B (hrs@jp.FreeBSD.org) $B$,8D?ME*$K;H$C$F$$$kLu8l$r0J2<$K<($7$^$9!#(B
 $B$?$@$7$3$l$O!"=>$o$J$1$l$P$J$i$J$$$H$$$&@-<A$N$b$N$G$O$"$j$^$;$s!#(B
 $B!V0UL#$,M}2r$G$-$k$h$&$KLu$9!W$3$H$rBh0l$NL\E*$H$7$F$$$k$?$a!"(B
 $B8N0U$K>\$7$/Lu$7$F$$$k$b$N$,?tB?$/$"$j$^$9!#(B

 $B$b$7!"2~A10F$dDI2C$7$?$[$&$,NI$$MQ8l$J$I$"$j$^$7$?$i$40lJs2<$5$$!#(B

world-writable                  $BC/$b$,=q$-9~$_2DG=$J(B($BB0@-$r;}$D!A(B)
package(s)                      $B$=$N$^$^!#$?$@$7%Q%C%1!<%8%7%9%F%`0lHL$r(B
                                $B;X$9>l9g$N$_!V%Q%C%1!<%8!W$H$9$k!#(B
port(s)                         $B$=$N$^$^!#!V%]!<%H!W$H$7$J$$!#(B
internal auditing               $BFbIt%;%-%e%j%F%#4F::(B
Denial of Service Attack        $B%5!<%S%9K832967b(B
Distributed DoS                 $BJ,;67?%5!<%S%9K832967b(B
Man-in-the-middle Attack        $BBh;0<T$K$h$k2pF~967b(B
apply patch                     $B=$@5%Q%C%A$rE,MQ$9$k(B
arbitrary code                  $BG$0U$N%3!<%I(B
attacker                        $B967b<T(B
buffer overflow                 $B%P%C%U%!%*!<%P%U%m!<(B
drop privilege                  $B8"8B$rL58z2=$9$k(B
exploit                         ($B%;%-%e%j%F%#>e$N<eE@$r(B)$B0-MQ$9$k(B
an exploit                      ($B%;%-%e%j%F%#>e$N<eE@$r(B)$B0-MQ$9$k%3!<%I(B, $B0-MQ(B
exploit code                    ($B%;%-%e%j%F%#>e$N<eE@$r(B)$B0-MQ$9$k%3!<%I(B
gain                            $BF@$k(B, $BC%$&(B
gain A privilege                A $B$N8"8B$rC%$&(B
gain root access                root $B8"8B$rC%$&(B
hashed password                 $B0E9f2=$5$l$?%Q%9%o!<%I(B(hashed password)
increased privilege             ($BDL>o$h$j$b(B)$B9b$$8"8B(B
local                           $B%m!<%+%k$N(B
local exploit                   $B%m!<%+%k$G(B($B<eE@$r(B)$B0-MQ$9$k(B
mount guessing attacks against  $B%Q%9%o!<%I?dB,967b$r2C$($k(B
patch                           $B=$@5%Q%C%A(B
ports collection                Ports Collection ($B@hF,BgJ8;z$N8GM-L>;l07$$(B)
potentially exploitable         $B0-MQ$5$l$k4m81@-$N$"$k(B
privilege                       $B8"8B(B
remote                          $B%j%b!<%H$N(B
remote exploit                  $B%j%b!<%H$+$i(B($B<eE@$r(B)$B0-MQ$9$k(B
root                            root $B%f!<%6(B/root $B8"8B(B
root compromise                 root $B8"8B$,C%$o$l$k4m81(B
root access                     root $B8"8B$X$N%"%/%;%9(B
run A as root                   root $B8"8B$G(B A $B$r<B9T$9$k(B
security policy                 $B%;%-%e%j%F%#%]%j%7(B
security vulnerability          $B%;%-%e%j%F%#>e$N<eE@(B
setgid A                        A $B%0%k!<%W$G(B setgid $B$5$l$k(B($BI{;lE*$K;H$o$l$k(B)
setuid A                        A $B%f!<%6$G(B setuid $B$5$l$k(B($BI{;lE*$K;H$o$l$k(B)
stack overflow                  $B%9%?%C%/%*!<%P%U%m!<(B
system compromise               $B%7%9%F%`A4BN$,6<0R$K$5$i$5$l$k4m81(B
unprivileged users              $B9b$$8"8B$r;}$?$J$$%f!<%6(B
upgrade privilege to full root access
                                $B40A4$J(B root $B8"8B$X%"%/%;%9$G$-$k8"8B$r<j$KF~$l$k(B
a very insecure style           $B%;%-%e%j%F%#$r9MN8$7$J$$%9%?%$%k(B
victim                          $B967bBP>](B
vulnerability                   $B%;%-%e%j%F%#>e$N<eE@(B
vulnerable                      $B%;%-%e%j%F%#>e$N<eE@$r;}$C$?(B

6) $B<U<-(B

 $B%;%-%e%j%F%#4+9p$NK]Lu$d!"K]Lu%A%'%C%/$K6(NO$5$l$?3'MM(B ($B8^==2;=g(B):

 $B4dT"(B $BCNI'(B Tomohiko Iwakuni <iwac@sta.att.ne.jp>
 $B7*;3(B $B=_(B Jun Kuriyama <kuriyama@FreeBSD.org>
 $B$3$,(B $B$h$&$$$A$m$&(B Yoichiro Koga <y-koga@jp.FreeBSD.org>
 $B8eF#(B $BBgCO(B Daichi Goto <daichi@ongs.net>
 $B:dFb(B $BFX(B Atsushi Sakauchi <sakauchi@yamame.to>
 $B<D5\(B Shunsuke Shinomiya <s-shino@kt.rim.or.jp>
 $BNkLZ!!=U(B Shun Suzuki <si006@ccm.gs.niigata-u.ac.jp>
 $BIZED(B $B=E@.(B Shigenari Tomita <ts@icu.ac.jp>
 $BD9C+It(B $BAo(B Satoshi Hasebe <hasebe@telecom0.eng.niigata-u.ac.jp>
 $BEl(B $BBgN<(B Daisuke Higashi <dais@iris.dti.ne.jp>
 $BF|Ln(B $B9@;V(B Koji Hino <hino@ccm.cl.nec.co.jp>
 $B?9(B $BD>G7(B Naoyuki Mori <mori@jp.FreeBSD.org>
 $BEr86(B Shinichi Yuhara <yuhara@po.cnet-sb.ne.jp>
 $B<cNS(B $B?J(B Susumu Wakabayashi <susumu-w@jp.FreeBSD.org>

----Next_Part(Sat_Sep__9_08:11:58_2000_809)----
