Bugtraq mailing list archives
Re: OpenBSD 2.9,2.8 local root compromise
From: "Rick Updegrove" <dislists () updegrove net>
Date: Fri, 15 Jun 2001 13:44:57 -0700
From: "Andreas Haugsnes" <andreas () haugsnes no> The exploit does work! It is not easy to execute however, (thank goodness) It took me several tries on OpenBSD 2.8 It is all about timing.
The OpenBSD-team has known about this for -6- days (15th of June),
They knew about it a lot longer than that! There was a post before guninski's about it that never developed into a thread for some reason. My reply to it was rejected!
and they haven't been able to come up with atleast a temporary fix? I can't find anything on errdata / security warnings, what's up with that?
It been fixed the patch is available. ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.8/common/030_kernexec.patch"
Current thread:
- OpenBSD 2.9,2.8 local root compromise Georgi Guninski (Jun 14)
- Re: OpenBSD 2.9,2.8 local root compromise Przemyslaw Frasunek (Jun 14)
- Re: OpenBSD 2.9,2.8 local root compromise Jason R Thorpe (Jun 15)
- Re: OpenBSD 2.9,2.8 local root compromise Andreas Haugsnes (Jun 15)
- Re: OpenBSD 2.9,2.8 local root compromise Rick Updegrove (Jun 15)
- Re: OpenBSD 2.9,2.8 local root compromise Georgi Guninski (Jun 15)
- Re: OpenBSD 2.9,2.8 local root compromise dmuz (Jun 15)
- Re: OpenBSD 2.9,2.8 local root compromise Andreas Haugsnes (Jun 15)
- Re: OpenBSD 2.9,2.8 local root compromise Tony Lambiris (Jun 15)
- Re: OpenBSD 2.9,2.8 local root compromise Peter van Dijk (Jun 16)
- Re: OpenBSD 2.9,2.8 local root compromise Jason R Thorpe (Jun 15)
- Re: OpenBSD 2.9,2.8 local root compromise jon (Jun 15)
- <Possible follow-ups>
- RE: OpenBSD 2.9,2.8 local root compromise Brian McKinney (Jun 15)
- Re: OpenBSD 2.9,2.8 local root compromise Przemyslaw Frasunek (Jun 14)