Re: x86 vulnerability ?

From: Eric Hall (infoat_private)
Date: Tue Apr 24 2001 - 16:27:33 PDT

Next message: eEye Digital Security: "IPSwitch IMail 6.06 SMTP Remote System Access Vulnerability"

Previous message: Majid Almassari: "Re: x86 vulnerability ?"
Next in thread: Andrew R. Reiter: "Re: x86 vulnerability ?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sun, May 07, 2000 at 11:44:14AM +0100, Cyber Hunter wrote:
> Does anyone know anything about the vulnerability found by the group LSD in
> the x86 systems ? That has helped them to win the Argus Event ?
> http://www.argus-systems.com/events/infosec/#Rules
>
> I would like to study this.

	Probably from the 2001-002 NetBSD advisory, see below
for the start of it (bugtraq archives, netbsd site, etc. for
the whole thing).  It specifically mentions that Solaris x86
has the same problem mentioned in the advisory.


			-eric


---
                 NetBSD Security Advisory 2001-002
                 =================================

Topic:          Vulnerability in x86 USER_LDT validation.
Version:        All versions of NetBSD, on the i386 platform ONLY.
Severity:       Local users may execute code with system priveleges
Fixed:          NetBSD-current:    January 16, 2001
                NetBSD-1.5 branch: January 17, 2001
                NetBSD-1.4 branch: January 17, 2001

---

Next message: eEye Digital Security: "IPSwitch IMail 6.06 SMTP Remote System Access Vulnerability"
Previous message: Majid Almassari: "Re: x86 vulnerability ?"
Next in thread: Andrew R. Reiter: "Re: x86 vulnerability ?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Tue Apr 24 2001 - 21:22:35 PDT