Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: OpenBSD 2.9,2.8 local root compromise
From: "Rick Updegrove" <dislists () updegrove net>
Date: Fri, 15 Jun 2001 13:44:57 -0700

From: "Andreas Haugsnes" <andreas () haugsnes no>

The exploit does work!  It is not easy to execute however, (thank goodness)  It
took me several tries on OpenBSD 2.8

It is all about timing.

The OpenBSD-team has known about this for -6- days (15th of June),

They knew about it a lot longer than that!  There was a post before guninski's
about it that never developed into a thread for some reason.  My reply to it was
rejected!

and they haven't been able to come up with atleast a temporary fix?
I can't find anything on errdata / security warnings,
what's up with that?

It been fixed the patch is available.

ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.8/common/030_kernexec.patch";


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]