Bugtraq mailing list archives
Re: OpenBSD 2.9,2.8 local root compromise
From: Georgi Guninski <guninski () guninski com>
Date: Fri, 15 Jun 2001 18:59:00 +0300
Hello, Andreas Haugsnes wrote:
I must say that I gasped and had to wipe sweat from my forehead when I read, tested and could confirm this exploit. The OpenBSD-team has known about this for -6- days (15th of June), and they haven't been able to come up with atleast a temporary fix? I can't find anything on errdata / security warnings, what's up with that?
I have communicated with several vendors and IMHO the OpenBSD folks are quite nice. They are much better than Microsoft for example. I believe that this patch is not trivial. Georgi Guninski
Andreas Haugsnes On Thu, Jun 14, 2001 at 05:14:46PM +0300, Georgi Guninski wrote:Georgi Guninski security advisory #47, 2001 OpenBSD 2.9,2.8 local root compromise Systems affected: OpenBSD 2.9,2.8 Have not tested on other OSes but they may be vulnerableVendor status: OpenBSD was informed on 9 June 2001.
Current thread:
- OpenBSD 2.9,2.8 local root compromise Georgi Guninski (Jun 14)
- Re: OpenBSD 2.9,2.8 local root compromise Przemyslaw Frasunek (Jun 14)
- Re: OpenBSD 2.9,2.8 local root compromise Jason R Thorpe (Jun 15)
- Re: OpenBSD 2.9,2.8 local root compromise Andreas Haugsnes (Jun 15)
- Re: OpenBSD 2.9,2.8 local root compromise Rick Updegrove (Jun 15)
- Re: OpenBSD 2.9,2.8 local root compromise Georgi Guninski (Jun 15)
- Re: OpenBSD 2.9,2.8 local root compromise dmuz (Jun 15)
- Re: OpenBSD 2.9,2.8 local root compromise Andreas Haugsnes (Jun 15)
- Re: OpenBSD 2.9,2.8 local root compromise Tony Lambiris (Jun 15)
- Re: OpenBSD 2.9,2.8 local root compromise Peter van Dijk (Jun 16)
- Re: OpenBSD 2.9,2.8 local root compromise Jason R Thorpe (Jun 15)
- Re: OpenBSD 2.9,2.8 local root compromise jon (Jun 15)
- <Possible follow-ups>
- RE: OpenBSD 2.9,2.8 local root compromise Brian McKinney (Jun 15)
- Re: OpenBSD 2.9,2.8 local root compromise Przemyslaw Frasunek (Jun 14)