Bugtraq mailing list archives
Re: OpenBSD 2.9,2.8 local root compromise
From: Jason R Thorpe <thorpej () zembu com>
Date: Fri, 15 Jun 2001 10:27:36 -0700
On Fri, Jun 15, 2001 at 09:18:15AM +0200, Andreas Haugsnes wrote:
I must say that I gasped and had to wipe sweat from my forehead when I read, tested and could confirm this exploit. The OpenBSD-team has known about this for -6- days (15th of June), and they haven't been able to come up with atleast a temporary fix? I can't find anything on errdata / security warnings, what's up with that?
If it's any consolation, NetBSD now (as of the 15th) has a fix for this problem in-tree (a pullup for the impending 1.5.1 release is in the queue), and we only found out about it on the 14th. -- -- Jason R. Thorpe <thorpej () zembu com>
Current thread:
- OpenBSD 2.9,2.8 local root compromise Georgi Guninski (Jun 14)
- Re: OpenBSD 2.9,2.8 local root compromise Przemyslaw Frasunek (Jun 14)
- Re: OpenBSD 2.9,2.8 local root compromise Jason R Thorpe (Jun 15)
- Re: OpenBSD 2.9,2.8 local root compromise Andreas Haugsnes (Jun 15)
- Re: OpenBSD 2.9,2.8 local root compromise Rick Updegrove (Jun 15)
- Re: OpenBSD 2.9,2.8 local root compromise Georgi Guninski (Jun 15)
- Re: OpenBSD 2.9,2.8 local root compromise dmuz (Jun 15)
- Re: OpenBSD 2.9,2.8 local root compromise Andreas Haugsnes (Jun 15)
- Re: OpenBSD 2.9,2.8 local root compromise Tony Lambiris (Jun 15)
- Re: OpenBSD 2.9,2.8 local root compromise Peter van Dijk (Jun 16)
- Re: OpenBSD 2.9,2.8 local root compromise Jason R Thorpe (Jun 15)
- Re: OpenBSD 2.9,2.8 local root compromise jon (Jun 15)
- <Possible follow-ups>
- RE: OpenBSD 2.9,2.8 local root compromise Brian McKinney (Jun 15)
- Re: OpenBSD 2.9,2.8 local root compromise Przemyslaw Frasunek (Jun 14)