Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

bugtraq logo Bugtraq mailing list archives

Re: procfs hole
From: garbanzo () HOOKED NET (Alex)
Date: Sun, 10 Aug 1997 22:30:42 -0700

On Sun, 10 Aug 1997, Eivind Eklund wrote:



There is a major hole in procfs under FreeBSD 2.2.1 (2.1 is not affected,
I have not tested 3.x but I believe it to be vulnerable as well) along
with OpenBSD (not tested by me, but by someone else -- believe it was
2.1-RELEASE although obsd doesnt mount procfs by default like freebsd
does).


Temporary fix: Disable the /proc filesystem.  Setting ro instead of rw in
/etc/fstab or chmod'ing on the mountpoint do _not_ work.

Eivind,
looking for a proper fix, but not expecting to get there before David.


There was a patch released on FreeBSD-Hackers about 3 or so hours ago,
that claims to fix the problem.

- alex

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]