From owner-freebsd-security  Thu Aug 28 08:38:35 1997
Return-Path: <owner-freebsd-security>
Received: (from root@localhost)
          by hub.freebsd.org (8.8.7/8.8.7) id IAA04946
          for security-outgoing; Thu, 28 Aug 1997 08:38:35 -0700 (PDT)
Received: from homeport.org (lighthouse.homeport.org [205.136.65.198])
          by hub.freebsd.org (8.8.7/8.8.7) with ESMTP id IAA04941
          for <freebsd-security@FreeBSD.ORG>; Thu, 28 Aug 1997 08:38:32 -0700 (PDT)
Received: (adam@localhost) by homeport.org (8.8.5/8.6.9) id LAA06331; Thu, 28 Aug 1997 11:35:50 -0400 (EDT)
From: Adam Shostack <adam@homeport.org>
Message-Id: <199708281535.LAA06331@homeport.org>
Subject: Re: FreeBSD Security Advisory: FreeBSD-SA-97:04.procfs
In-Reply-To: <19970828102957.48802@clifford.inch.com> from Omar Thameen at "Aug 28, 97 10:29:57 am"
To: omar@clifford.inch.com (Omar Thameen)
Date: Thu, 28 Aug 1997 11:35:49 -0400 (EDT)
Cc: freebsd-security@FreeBSD.ORG
X-Mailer: ELM [version 2.4ME+ PL27 (25)]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-security@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

If you search the bugtraq archives, you can find exploit code.  Why
not grab some and test for yourself if your systems are vulnerable?

Adam


Omar Thameen wrote:
| What's the official word on whether 2.1.7 is vulnerable?  I know below
| says that 2.1.* is, but the previous discussion indicated that it was
| not.  I personally haven't gotten the exploit to work, but I may be doing
| something wrong.
| 
| Omar


-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume