Bugtraq mailing list archives
Re: Exploiting Kernel Buffer Overflows FreeBSD Style
From: Cy Schubert - ITSD Open Systems Group <Cy.Schubert () uumail gov bc ca>
Date: Fri, 29 Dec 2000 09:40:43 -0800
In message <20001228213912.N19572 () fw wintelcom net>, Alfred Perlstein writes:
* Esa Etelavuori <eetelavu () CC HUT FI> [001228 13:50] wrote:-----BEGIN PGP SIGNED MESSAGE----- Exploiting Kernel Buffer Overflows FreeBSD Style: Defeating Security Levels and Breaking Out of Jail(2) Esa Etelavuori December 28, 2000 1. Introduction This is a detailed case study discussing the exploitation of the FreeBSD kernel process filesystem buffer overflow vulnerability [7]. This is FreeBSD/i386 specific, but some of these techniques are applicable to other systems, and perhaps give a new insight to regular buffer overflows.You didn't mention that you contacted us about this over a month ago and the bug seems to be patched in both the stable and devel versions of FreeBSD as well as 4.2-release.
He does reference FreeBSD Security Advisory: FreeBSD-SA-00:77, December 2000 in the references section, though additional attention could have been brought to this reference in the article. Regards, Phone: (250)387-8437 Cy Schubert Fax: (250)387-5766 Team Leader, Sun/Alpha Team Internet: Cy.Schubert () osg gov bc ca Open Systems Group, ITSD, ISTA Province of BC
Current thread:
- Re: Exploiting Kernel Buffer Overflows FreeBSD Style Cy Schubert - ITSD Open Systems Group (Jan 02)