Re: FreeBSD (and other BSDs?) local root explot

From: Stas Kisel (stasat_private)
Date: Wed Sep 01 1999 - 01:05:01 PDT

Next message: Christian Koderer: "MW"

Previous message: Petter Wahlman : "limit maximum nr. of processes."
Next in thread: Charles M. Hannum: "Re: FreeBSD (and other BSDs?) local root explot"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> From: Ollivier Robert <robertoat_private>
> Subject:      Re: FreeBSD (and other BSDs?) local root explot
>
> According to Todd C. Miller:
> > that one of the FreeBSD guys was recently working on incorporating
> > changes from the OpenBSD fts.c.  I don't see the relevant change in
> > FreeBSD-current though.
> It has been committed to all three branches, 4.0-CURRENT, 3.2-STABLE and
> even 2.2-STABLE.
>   Log:
>   Don't follow symlinks on coredumps and ktrace.

This does not fix the bug in fts.c.
I believe that this bug can be exploited to gain root privileges in other
way than overwriting files with a core.
I still have not exploit, so this is theoretical problem only.
But many people like "to make theoretical practical" :)

\bye
Stas

Next message: Christian Koderer: "MW"
Previous message: Petter Wahlman : "limit maximum nr. of processes."
Next in thread: Charles M. Hannum: "Re: FreeBSD (and other BSDs?) local root explot"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:01:08 PDT