Home page logo

bugtraq logo Bugtraq mailing list archives

Re: OpenBSD 2.9,2.8 local root compromise
From: Georgi Guninski <guninski () guninski com>
Date: Fri, 15 Jun 2001 18:59:00 +0300


Andreas Haugsnes wrote:

I must say that I gasped and had to wipe sweat from my
forehead when I read, tested and could confirm this

The OpenBSD-team has known about this for -6- days (15th of June),
and they haven't been able to come up with atleast a temporary fix?
I can't find anything on errdata / security warnings,
what's up with that?

I have communicated with several vendors and IMHO the OpenBSD folks are quite nice.
They are much better than Microsoft for example.
I believe that this patch is not trivial.

Georgi Guninski

Andreas Haugsnes

On Thu, Jun 14, 2001 at 05:14:46PM +0300, Georgi Guninski wrote:
Georgi Guninski security advisory #47, 2001

OpenBSD 2.9,2.8 local root compromise

Systems affected:
OpenBSD 2.9,2.8
Have not tested on other OSes but they may be vulnerable

Vendor status:
OpenBSD was informed on 9 June 2001.

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]