On Sun, May 07, 2000 at 11:44:14AM +0100, Cyber Hunter wrote: > Does anyone know anything about the vulnerability found by the group LSD in > the x86 systems ? That has helped them to win the Argus Event ? > http://www.argus-systems.com/events/infosec/#Rules > > I would like to study this. Probably from the 2001-002 NetBSD advisory, see below for the start of it (bugtraq archives, netbsd site, etc. for the whole thing). It specifically mentions that Solaris x86 has the same problem mentioned in the advisory. -eric --- NetBSD Security Advisory 2001-002 ================================= Topic: Vulnerability in x86 USER_LDT validation. Version: All versions of NetBSD, on the i386 platform ONLY. Severity: Local users may execute code with system priveleges Fixed: NetBSD-current: January 16, 2001 NetBSD-1.5 branch: January 17, 2001 NetBSD-1.4 branch: January 17, 2001 ---
This archive was generated by hypermail 2b30 : Tue Apr 24 2001 - 21:22:35 PDT