Re: OpenBSD kernel holes ...

To: noir@xxxxxxxxxxxxx
Subject: Re: OpenBSD kernel holes ...
From: Steve Tornio <steve@xxxxxxxxxxx>
Date: Tue, 18 Nov 2003 14:19:22 -0600
Cc: bugtraq@xxxxxxxxxxxxxxxxx
In-reply-to: <Pine.GSO.4.44.0311181334410.824-200000@xxxxxxxxxxxxxxxxxxx>
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm

<snip>

from http://www.wideopenbsd.org/errata.html

All architectures

     005: RELIABILITY FIX: November 4, 2003

It is possible for a local user to cause a system panic byexecuting

     a specially crafted binary with an invalid header.
     A source code patch exists which remedies the problem.


reliability ??? ehh ;-P yeah yeah right!


um, that's the wrong errata entry.  For 3.4 -

006: SECURITY FIX: November 17, 2003

It may be possible for a local user to overrun the stack incompat_ibcs2(8).ProPolice catches this, turning a potential privilege escalation intoa denial of service. iBCS2 emulation does not need to be enabled viasysctl(8) for this to happen.

 A source code patch exists which remedies the problem.

Taken from http://www.openbsd.org/security.html#34

Follow-Ups:
- Re: OpenBSD kernel holes ...
  - From: noir

References:
- OpenBSD kernel holes ...
  - From: noir

Prev by Date: Re: Security researchers organization
Next by Date: Re: Security researchers organization
Previous by thread: OpenBSD kernel holes ...
Next by thread: Re: OpenBSD kernel holes ...
Index(es):
- Date
- Thread