Re: OpenBSD 2.9,2.8 local root compromise

["Tony Lambiris" <tlambiris () skillsoft com>]

AFAIK its been fixed in -current, and it _will_ be in errata shortly..
in the meantime, there is a hotfix for the code itself, read the mailing
lists.. OR

in /etc/fstab, make /tmp nosuid and noexec, then mount -u /tmp (you did
make tmp a seperate partition.. didn tyou?)

----- Original Message -----
From: "Andreas Haugsnes" <andreas () haugsnes no>
To: "Bugtraq" <BUGTRAQ () securityfocus com>
Sent: Friday, June 15, 2001 3:18 AM
Subject: Re: OpenBSD 2.9,2.8 local root compromise


> I must say that I gasped and had to wipe sweat from my
> forehead when I read, tested and could confirm this
> exploit.
>
> The OpenBSD-team has known about this for -6- days (15th of June),
> and they haven't been able to come up with atleast a temporary fix?
> I can't find anything on errdata / security warnings,
> what's up with that?
>
> Andreas Haugsnes
>
>
> On Thu, Jun 14, 2001 at 05:14:46PM +0300, Georgi Guninski wrote:
> > Georgi Guninski security advisory #47, 2001
> >
> > OpenBSD 2.9,2.8 local root compromise
> >
> > Systems affected:
> > OpenBSD 2.9,2.8
> > Have not tested on other OSes but they may be vulnerable
>
> > Vendor status:
> > OpenBSD was informed on 9 June 2001.