Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: Exploiting Kernel Buffer Overflows FreeBSD Style
From: Cy Schubert - ITSD Open Systems Group <Cy.Schubert () uumail gov bc ca>
Date: Fri, 29 Dec 2000 09:40:43 -0800

In message <20001228213912.N19572 () fw wintelcom net>, Alfred Perlstein
writes:
* Esa Etelavuori <eetelavu () CC HUT FI> [001228 13:50] wrote:
-----BEGIN PGP SIGNED MESSAGE-----

            Exploiting Kernel Buffer Overflows FreeBSD Style:
          Defeating Security Levels and Breaking Out of Jail(2)
                             Esa Etelavuori
                           December 28,  2000

1. Introduction

This is a detailed case study discussing the exploitation of the FreeBSD
kernel process filesystem buffer overflow vulnerability [7]. This is
FreeBSD/i386 specific, but some of these techniques are applicable
to other systems, and perhaps give a new insight to regular buffer
overflows.

You didn't mention that you contacted us about this over a month
ago and the bug seems to be patched in both the stable and devel
versions of FreeBSD as well as 4.2-release.

He does reference FreeBSD Security Advisory: FreeBSD-SA-00:77, December
2000 in the references section, though additional attention could have
been brought to this reference in the article.


Regards,                         Phone:  (250)387-8437
Cy Schubert                        Fax:  (250)387-5766
Team Leader, Sun/Alpha Team   Internet:  Cy.Schubert () osg gov bc ca
Open Systems Group, ITSD, ISTA
Province of BC


  By Date           By Thread  

Current thread:
  • Re: Exploiting Kernel Buffer Overflows FreeBSD Style Cy Schubert - ITSD Open Systems Group (Jan 02)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault