[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: OpenBSD kernel holes ...

To: noir@uberhax0r.net
Subject: Re: OpenBSD kernel holes ...
From: Steve Tornio <steve@vitriol.net>
Date: Tue, 18 Nov 2003 14:19:22 -0600

<snip>

from http://www.wideopenbsd.org/errata.html

All architectures

005: RELIABILITY FIX: November 4, 2003 It is possible for a local user to cause a system panic by executing a specially crafted binary with an invalid header. A source code patch exists which remedies the problem.

reliability ??? ehh ;-P yeah yeah right!

um, that's the wrong errata entry. For 3.4 -

006: SECURITY FIX: November 17, 2003 It may be possible for a local user to overrun the stack in compat_ibcs2(8). ProPolice catches this, turning a potential privilege escalation into a denial of service. iBCS2 emulation does not need to be enabled via sysctl(8) for this to happen. A source code patch exists which remedies the problem.

Taken from http://www.openbsd.org/security.html#34

Follow-Ups:
- Re: OpenBSD kernel holes ...
  - From: noir@uberhax0r.net

References:
- OpenBSD kernel holes ...
  - From: noir@uberhax0r.net

Prev by Date: [RHSA-2003:288-01] Updated XFree86 packages provide security and bug fixes
Next by Date: Re: Security researchers organization
Previous by thread: OpenBSD kernel holes ...
Next by thread: Re: OpenBSD kernel holes ...
Index(es):
- Date
- Thread