Bugtraq mailing list archives
Re: OpenBSD Security Advisory
From: "Todd C. Miller" <Todd.Miller () COURTESAN COM>
Date: Wed, 4 Oct 2000 11:31:23 -0600
In message <39DADCB7.4E416D8B () ktwo ca> so spake K2 (ktwo):
Here is another exploit for an application (fstat) that OpenBSD's format string audit has seemingly forgotten about. What I would like to know is why this and a number of other privileged applications have security vulnerabilities in them. They WERE fixed, but NO ADVISORY nor ANY MENTION IN THEIR DAILY CHANGELOG! How can the impact of the vulnerability not be realized when they occur in something as privileged as that would be using pw_error()?
As one of the people who took part in the audit I can honestly say that we didn't think they *were* exploitable. There was no intention of hiding any fixes, we just went through the entire source tree (we did not target privileged programs specifically) and fixed format string problems where we found them and released patches for those we knew to be exploitable (like xlock). None of us are in the business of writing exploits--we just fix broken code...

 - todd