Re: [Full-Disclosure] SpenderSEC Advisory #1
- To: full-disclosure@xxxxxxxxxxxxxxxx
- Subject: Re: [Full-Disclosure] SpenderSEC Advisory #1
- From: Pavel Kankovsky <peak@xxxxxxxxxxxxxxxxxxxxxx>
- Date: Tue, 22 Jun 2004 18:35:11 +0200 (MET DST)
On Sun, 20 Jun 2004 spendersec@xxxxxxxxxxxx wrote:

> The first major problem is present in the OpenBSD patch at [1],
> where the failure of falloc() results in a continuation of the loop,
> which can update the value of the error variable, resulting in either
> fd 0 or fd 1 not being correctly reopened to /dev/null while a
> successful falloc() for fd 2 sets error to a suitable value.

Old news, Mr Spender(?),
see http://www.securityfocus.com/archive/1/10147/1998-07-25/1998-07-31/2
or http://seclists.org/lists/bugtraq/1998/Jul/0376.html

> Hmm. In theory, yes. But OpenBSD implementation seems to have a
> potential small hole. It should abort when it cannot fix everything
> but it does not. PERHAPS, a temporary resource starvation could break
> it.

This was sent to Bugtraq (and cc'ed to Theo de Raadt) in 1998.

--Pavel Kankovsky aka Peak [ Boycott Microsoft--http://www.vcnet.com/bms ]
"Resistance is futile. Open your source code and prepare for assimilation."
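
Added example, not part of the original message and not OpenBSD's code: a userland C model of the loop discussed in this thread, showing the continue-on-failure behaviour beside the abort-on-first-failure behaviour that the quoted 1998 note asks for. The struct, the function names and the ENFILE failure are assumptions made for illustration.

```c
#include <errno.h>
#include <stdio.h>

/* Constructed model: bit i of fail_mask makes the allocation for fd i fail. */
struct model { int fd_open[3]; unsigned fail_mask; };

/* Hypothetical stand-in for "falloc() a file and point it at /dev/null". */
static int reopen_devnull(struct model *m, int fd)
{
    if (m->fail_mask & (1u << fd))
        return ENFILE;          /* simulated resource starvation */
    m->fd_open[fd] = 1;
    return 0;
}

/* strict == 0 keeps looping after a failure; strict != 0 aborts at once. */
static int fix_stdio(struct model *m, int strict)
{
    int error = 0;
    for (int fd = 0; fd < 3; fd++) {
        if (m->fd_open[fd])
            continue;           /* already open */
        error = reopen_devnull(m, fd);  /* overwrites any earlier failure */
        if (error != 0 && strict)
            return error;
    }
    return error;
}

/* Error code reported when fds 0..2 all start closed. */
static int reported_error(int strict, unsigned fail_mask)
{
    struct model m = { {0, 0, 0}, fail_mask };
    return fix_stdio(&m, strict);
}

/* 1 if success was reported while one of fds 0..2 is still closed. */
static int silent_gap(int strict, unsigned fail_mask)
{
    struct model m = { {0, 0, 0}, fail_mask };
    return fix_stdio(&m, strict) == 0 && !(m.fd_open[0] && m.fd_open[1] && m.fd_open[2]);
}

int main(void)
{
    printf("continue on failure: error=%d gap=%d\n", reported_error(0, 1u), silent_gap(0, 1u));
    printf("abort on failure:    error=%d gap=%d\n", reported_error(1, 1u), silent_gap(1, 1u));
    return 0;
}
```

In the model, a failure on fd 2 is still reported by the non-strict loop because nothing runs after it; only failures on fd 0 or fd 1 are masked.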