Bugtraq mailing list archives
Re: OpenBSD kernel holes ...
From: Steve Tornio <steve () vitriol net>
Date: Tue, 18 Nov 2003 14:19:22 -0600
<snip>
from http://www.wideopenbsd.org/errata.html All architectures 005: RELIABILITY FIX: November 4, 2003It is possible for a local user to cause a system panic by executinga specially crafted binary with an invalid header. A source code patch exists which remedies the problem. reliability ??? ehh ;-P yeah yeah right!
um, that's the wrong errata entry. For 3.4 - 006: SECURITY FIX: November 17, 2003It may be possible for a local user to overrun the stack in compat_ibcs2(8). ProPolice catches this, turning a potential privilege escalation into a denial of service. iBCS2 emulation does not need to be enabled via sysctl(8) for this to happen.
A source code patch exists which remedies the problem. Taken from http://www.openbsd.org/security.html#34
Current thread:
- OpenBSD kernel holes ... noir (Nov 18)
- Re: OpenBSD kernel holes ... Steve Tornio (Nov 18)
- Re: OpenBSD kernel holes ... noir (Nov 18)
- Re: OpenBSD kernel holes ... Coleman Kane (Nov 18)
- Re: OpenBSD kernel holes ... noir (Nov 19)
- Re: OpenBSD kernel holes ... Thamer Al-Harbash (Nov 20)
- Re: OpenBSD kernel holes ... Steve Tornio (Nov 18)