Bugtraq mailing list archives
Re: Freebsd FD exploit
From: "Jacques A. Vidrine" <nectar () FreeBSD org>
Date: Mon, 19 Aug 2002 17:05:04 -0500
On Sun, Aug 18, 2002 at 09:01:13PM -0400, dvdman wrote:
/* Proof Of Concept exploit for the Freebsd file descriptors bug. Freebsd thought they fixed this months ago well guess again :P Thanks to the Freebsd kernel you may now enjoy local root on all freebsd <=4.6 ;) */
[...]
And Freebsd thought they fixed this :P
Well, it _is_ fixed, as of July 30. [...]
thanks Georgi Guninski for ideas
[...]
Several months ago Joost Pol <joost () pine nl> made public almost the same problem. FreeBSD fixed it, but the patch does not cover all the cases.
[...]
PROOF: [dvdman@xxxx:~]$ uname -a FreeBSD xxx.xx 4.6-STABLE FreeBSD 4.6-STABLE #1: Sat Jul27 20:16:20 GMT 2002 dvdman@xxxx:/usr/obj/usr/src/sys/xxx i386
Yes, there was a case missed. Georgi caught it and let us know about it (thanks, Georgi!), and it was repaired around 2002-07-30 15:40:46 UTC in all branches. We released an updated advisory around then, as well. Cheers, -- Jacques A. Vidrine <n () nectar cc> http://www.nectar.cc/ NTT/Verio SME . FreeBSD UNIX . Heimdal Kerberos jvidrine () verio net . nectar () FreeBSD org . nectar () kth se
Current thread:
- Freebsd FD exploit dvdman (Aug 19)
- Re: Freebsd FD exploit Jacques A. Vidrine (Aug 19)