Date: Fri, 15 Jun 2001 20:10:58 +0300 From: Peter Pentchev <roam@orbitel.bg> To: rich@rdrose.org Cc: freebsd-security@freebsd.org Subject: Re: FW: OpenBSD 2.9,2.8 local root compromise (fwd) Message-ID: <20010615201058.O94445@ringworld.oblivion.bg> In-Reply-To: <Pine.LNX.4.21.0106151804070.14714-100000@pkl.net>; from rich@rdrose.org on Fri, Jun 15, 2001 at 06:04:44PM %2B0100 References: <Pine.LNX.4.21.0106151804070.14714-100000@pkl.net>
next in thread | previous in thread | raw e-mail | index | archive | help
That 'someone' quoted this same message, and a follow-up, explaining why someone else actually thinks 4.3 *might* be vulnerable. G'luck, Peter -- If the meanings of 'true' and 'false' were switched, then this sentence wouldn't be false. On Fri, Jun 15, 2001 at 06:04:44PM +0100, rich@rdrose.org wrote: > Someone asked about 4.3 being susceptible to this attack.... > > ---------- Forwarded message ---------- > Date: Fri, 15 Jun 2001 08:41:13 -0500 > From: Will Senn <wsenn@postfuture.com> > To: OpenBSDTech <tech@openbsd.org> > Subject: FW: OpenBSD 2.9,2.8 local root compromise > > -----Original Message----- > From: Przemyslaw Frasunek [mailto:venglin@freebsd.lublin.pl] > Sent: Thursday, June 14, 2001 12:10 PM > To: Georgi Guninski > Cc: Bugtraq > Subject: Re: OpenBSD 2.9,2.8 local root compromise > > > On Thu, Jun 14, 2001 at 05:14:46PM +0300, Georgi Guninski wrote: > > OpenBSD 2.9,2.8 > > Have not tested on other OSes but they may be vulnerable > > FreeBSD 4.3-STABLE isn't vulnerable. Looks like it's dropping set[ug]id > privileges before allowing detach. > > -- > * Fido: 2:480/124 ** WWW: http://www.frasunek.com/ ** NIC-HDL: PMF9-RIPE * > * Inet: przemyslaw@frasunek.com ** PGP: D48684904685DF43EA93AFA13BE170BF * To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010615201058.O94445>