Re: [Full-Disclosure] RE: remote kernel exploits?

From: Jacques A. Vidrine (nectarat_private)
Date: Tue Sep 10 2002 - 13:46:27 PDT

Next message: Gommers, Joep: "[Full-Disclosure] RE: remote kernel exploits?"

Previous message: Garbrecht, Frederick: "RE: UDP flood on port 2001"
In reply to: Yonatan Bokovza: "RE: remote kernel exploits?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, Sep 10, 2002 at 06:40:59PM +0300, Yonatan Bokovza wrote:
> It might be the case that this is the problem:
> http://www.openbsd.org/errata.html#scarg
> I know that a similar problem was fixed in FreeBSD a little
> later, but I can't find the correct pointer.

I believe the `similar problem' to which you refer is described here:
<URL:ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:38.signed-error.asc>

> Since this is a problem in the kernel, it might be remotely
> exploitable.

These are problems in the handling of arguments to certain system
calls.  So no, they are not remotely exploitable by themselves.

Cheers,
-- 
Jacques A. Vidrine <nectarat_private>          http://www.celabo.org/
NTT/Verio SME          .     FreeBSD UNIX     .       Heimdal Kerberos
jvidrineat_private     .  nectarat_private  .          nectarat_private
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Next message: Gommers, Joep: "[Full-Disclosure] RE: remote kernel exploits?"
Previous message: Garbrecht, Frederick: "RE: UDP flood on port 2001"
In reply to: Yonatan Bokovza: "RE: remote kernel exploits?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Tue Sep 10 2002 - 15:13:01 PDT