Bugtraq mailing list archives
RE: FreeBSD all versions FireWire IOCTL kernel integer overflow information disclousure
From: "Rogier Mulhuijzen" <rogier.mulhuijzen () office casema nl>
Date: Mon, 20 Nov 2006 11:51:31 +0100
Is it me, or do you need to be root or a member of the operator group to be able to perform an IOCTL on /dev/fw*? In FreeBSD at least, /dev/fw* is only accessible by root (read/write) and members of the operator group (read-only).

It might be a bug, I'll grant you that, but it's not disclosure to local users. It's to local users who are part of the operators group. Those are 1) rare and 2) able to read disk devices directly, which is a little more useful than being able to read memory.

Please correct me if I'm wrong.

Cheers,
Rogier

-----Original Message-----
From: Rodrigo Rubira Branco (BSDaemon) [mailto:rodrigo () kernelhacking com]
Sent: Wednesday 15 November 2006 13:53
To: vulnwatch () vulnwatch org; "full-disclosure () lists grok org uk"@fjaunet.com.br; "bugtraq () securityfocus com"@fjaunet.com.br; "exploits () whitestar linuxbox org"@fjaunet.com.br; "list () securiteam com"@fjaunet.com.br
Cc: rodrigo () kernelhacking com
Subject: FreeBSD all versions FireWire IOCTL kernel integer overflow information disclousure

--
http://www.kernelhacking.com/rodrigo
Kernel Hacking: If i really know, i can hack
GPG KeyID: 5E90CA19
________________________________________________
Message sent using UebiMiau 2.7.2

Current thread:
- FreeBSD all versions FireWire IOCTL kernel integer overflow information disclousure Rodrigo Rubira Branco (BSDaemon) (Nov 15)
- Re: FreeBSD all versions FireWire IOCTL kernel integer overflow information disclousure Lucas Holt (Nov 16)
- <Possible follow-ups>
- RE: FreeBSD all versions FireWire IOCTL kernel integer overflow information disclousure Rogier Mulhuijzen (Nov 20)