Date: Sun, 21 May 2000 11:19:22 -0700
From: Cy Schubert - ITSD Open Systems Group <Cy.Schubert@uumail.gov.bc.ca>
To: cjclark@home.com
Cc: freebsd-security@FreeBSD.ORG
Subject: Re: The procfs Hole in 2.2.8-STABLE?
Message-ID: <200005211819.e4LIJSX67798@cwsys.cwsent.com>
In-Reply-To: Your message of "Sun, 21 May 2000 14:08:47 EDT." <20000521140847.G96573@cc942873-a.ewndsr1.nj.home.com>

In message <20000521140847.G96573@cc942873-a.ewndsr1.nj.home.com>, "Crist J. Clark" writes:
> I just want to verify something before I cause myself some pain. From
> the wording of FreeBSD-SA-00:01,
>
>   ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:02.procfs.asc
>
> Am I to take it that 2.2.8-STABLE would be vulnerable? The following
> seems to imply it,
>
>   "Unfortunately, throughout these three years it was still possible to
>   abuse /proc/pid/mem in a similar, though more complicated fashion,
>   which could lead to local root compromise."
>
> Since the 2.2.x branch was the RELEASE and STABLE branch for a good
> part of that three years.
>
> It just occurred to me recently that the UW IMAP vulnerability that
> allows users to get a shell combined with a procfs hole would be a Bad
> Thing on an old 2.2.8-STABLE mailserver I have. I'm not going to go
> through the pain of upgrading the OS on that machine except for security
> reasons (it's been fine for two years, why fix what ain't broke).
>
> Do I need to upgrade it? Maybe I'll just umount /proc.

Just umount /proc, though ps won't display the command line and gdb
won't work.

Regards,                       Phone:  (250)387-8437
Cy Schubert                      Fax:  (250)387-5766
Team Leader, Sun/DEC Team   Internet:  Cy.Schubert@osg.gov.bc.ca
Open Systems Group, ITSD, ISTA
Province of BC