Bugtraq mailing list archives

Re: OpenBSD Security Advisory


From: Tim Yardley <yardley () UIUC EDU>
Date: Wed, 4 Oct 2000 12:48:31 -0500

I would like to add to this in stating that it seems to almost always be
OpenBSD's practice to silently fix bugs.  I also agree that it is not in
the best interest of everyone else out there.

To expound upon the fstat issue, on 2.6 (using the canned exploit) you get
egid=2 (kmem).  2.8 does not give you a shell, but instead results in a
"File name too long" message.

/tmy

At 02:31 AM 10/4/2000, K2 wrote:
Here is another exploit for an application (fstat) that OpenBSD's
format string audit has seemingly forgotten about.  What I would like to

<snip>

Where are these advisories from the OpenBSD TEAM?  Is their pride to
too great to accept these bugs, code fix, announce patch and move on?

I do not believe that silently fixing vulnerabilities is in the best
interest of anybody.

------------------
K2  (ktwo () ktwo ca)
http://www.ktwo.ca

PS. Thx caddis for some tips ;)

/*
 *  theoBSD fstat - private caddis & K2 release
 *  TagTeam exploit coding @$_*#%*&(#%(**(@$*($@
 *
 *  greets: #!adm, #!teso, #!w00w00
 *
 */

<snip>

/tmy

-- Diving into infinity my consciousness expands in inverse
   proportion to my distance from singularity

+-------- ------- ------ ----- ---- --- -- --- ------ ------- -------- - --------------+
| Tim Yardley (yardley () uiuc edu)
| http://www.students.uiuc.edu/~yardley/
+-------- ------- ------ ----- ---- --- -- --- ------ ------- -------- - --------------+

