Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: OpenBSD 2.9,2.8 local root compromise
From: Jason R Thorpe <thorpej () zembu com>
Date: Fri, 15 Jun 2001 10:27:36 -0700

On Fri, Jun 15, 2001 at 09:18:15AM +0200, Andreas Haugsnes wrote:

I must say that I gasped and had to wipe sweat from my
forehead when I read, tested and could confirm this
exploit.

The OpenBSD-team has known about this for -6- days (15th of June),
and they haven't been able to come up with atleast a temporary fix?
I can't find anything on errdata / security warnings,
what's up with that?

If it's any consolation, NetBSD now (as of the 15th) has a fix for this
problem in-tree (a pullup for the impending 1.5.1 release is in the queue),
and we only found out about it on the 14th.

-- 
        -- Jason R. Thorpe <thorpej () zembu com>


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault