Date:      Tue, 10 Oct 2006 20:16:30 -0400
From:      Bill Moran <wmoran@collaborativefusion.com>
To:        Colin Percival <cperciva@freebsd.org>
Cc:        freebsd security <freebsd-security@freebsd.org>, questions@freebsd.org
Subject:   Re: iDefense Security Advisory 10.10.06: FreeBSD ptrace PT_LWPINFO Denial of Service Vulnerability
Message-ID:  <20061010201630.aabaf1a4.wmoran@collaborativefusion.com>
In-Reply-To: <452C25A2.6080809@freebsd.org>
References:  <20061010185141.ce3e7134.wmoran@collaborativefusion.com> <452C25A2.6080809@freebsd.org>

Colin Percival <cperciva@freebsd.org> wrote:

> Bill Moran wrote:
> > This report seems pretty vague.  I'm unsure as to whether the alleged
> > "bug" gives the user any more permissions than he'd already have?  Anyone
> > know any details?
> 
> This is a local denial of service bug, which was fixed 6 weeks ago in HEAD
> and RELENG_6.  There is no opportunity for either remote denial of service
> or any privilege escalation.
> 
> > VI. VENDOR RESPONSE
> > 
> > "The policy of the FreeBSD Security Team is that local denial of service
> > bugs not be treated as security issues; it is possible that this problem
> > will be corrected in a future Erratum."
> 
> If there was any potential for
> (a) privilege escalation,
> (b) disclosure of potentially sensitive information, or
> (c) denial of service by a non-authenticated attacker,
> we would have issued a security advisory.

That was what I expected.  Section III seems to hint that it could be
used by an unprivileged user to crash or lock a system.  I suspect they
used it as root to crash/lock the OS.  But I don't need any bugs to do
that as root, so it doesn't really count as a security issue.

BTW, are you going to be at NYCBSDCon?  If so, seek me out -- I owe you
a beer at the least.

As always, thanks for the quick response.

-- 
Bill Moran

That seem right to you?

        Jubal Early



