Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

RE: FreeBSD all versions FireWire IOCTL kernel integer overflow information disclousure

From: "Rogier Mulhuijzen" <rogier.mulhuijzen () office casema nl>
Date: Mon, 20 Nov 2006 11:51:31 +0100
Is it me, or do you need to be root or a member of the operator group to
be able to perform an IOCTL on /dev/fw*. In FreeBSD at least, /dev/fw*
is only accessible by root (read/write) and members of the operator
group (read-only).

It might be a bug, I'll grant you that, but it's not disclosure to local
users. It's to local users who are part of the operators group. Those
are 1) rare and 2) able to read disk devices directly, which is a little
more useful than being able to read memory.

Please correct me if I'm wrong.

Cheers,

        Rogier


-----Original Message-----
From: Rodrigo Rubira Branco (BSDaemon) 
[mailto:rodrigo () kernelhacking com]
Sent: woensdag 15 november 2006 13:53
To: vulnwatch () vulnwatch org; "full-
disclosure () lists grok org uk"@fjaunet.com.br;
"bugtraq () securityfocus com"@fjaunet.com.br;
"exploits () whitestar linuxbox org"@fjaunet.com.br;
"list () securiteam com"@fjaunet.com.br
Cc: rodrigo () kernelhacking com
Subject: FreeBSD all versions FireWire IOCTL kernel integer overflow 
information disclousure

--
http://www.kernelhacking.com/rodrigo

Kernel Hacking: If i really know, i can hack

GPG KeyID: 5E90CA19



________________________________________________
Message sent using UebiMiau 2.7.2




This e-mail message and its attachments are subject to the disclaimer published at the following website of Casema: 
http://www.casema.nl/disclaimer
Previous By Date Next
Previous By Thread Next

Current thread: