From owner-freebsd-security@FreeBSD.ORG Tue Jul 21 18:58:23 2009 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 8E112106564A; Tue, 21 Jul 2009 18:58:23 +0000 (UTC) (envelope-from oliver.pntr@gmail.com) Received: from mail-fx0-f218.google.com (mail-fx0-f218.google.com [209.85.220.218]) by mx1.freebsd.org (Postfix) with ESMTP id EAF378FC13; Tue, 21 Jul 2009 18:58:22 +0000 (UTC) (envelope-from oliver.pntr@gmail.com) Received: by fxm18 with SMTP id 18so11878fxm.43 for ; Tue, 21 Jul 2009 11:58:22 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :date:message-id:subject:from:to:cc:content-type :content-transfer-encoding; bh=EfP0IZyqaFHVWMJs8r3uW7QxmtlQ3dDc37Y6M1FR4vk=; b=sN7wx5R6c1mqtesGqkRPBjoGnoCL97DQ066u8fwMCJ5aYj/KniPtVkWXVGiSLWKua/ GYwX8BmOZKJ1asQdk9eyT6ipwCtaS8lDnjXzAuZSreKrHgyjHuW84v1WOjnv3O+VJl4O HFoEUyN1+2evUCPRp78TK7UScNBWoXM8GllNk= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:content-transfer-encoding; b=FUhkqPkyFQgfyqPhiQFLVk1fy6LpjoyhueJ+XMDgtdeLUC3cHlxZXouSacCpXOnwf8 vFrFKMrYMH9AQv5mJVGSepbNAUM5yBElVW4iGp+AHsFLoOnoNB+D9UQ+S4kH8vZtX7UU dveV+UA4728HftQF1DML1xhWPVTWsLQhKjzb8= MIME-Version: 1.0 Received: by 10.103.52.13 with SMTP id e13mr1138199muk.122.1248202701506; Tue, 21 Jul 2009 11:58:21 -0700 (PDT) In-Reply-To: <20090721180413.GA13170@mail.securityfocus.com> References: <6101e8c40907201008n62eeec05r6670a79698bc2ac7@mail.gmail.com> <86zlayvydu.fsf@ds4.des.no> <20090721180413.GA13170@mail.securityfocus.com> Date: Tue, 21 Jul 2009 20:58:21 +0200 Message-ID: <6101e8c40907211158j29a84b2fl6b343790b698977b@mail.gmail.com> From: Oliver Pinter To: "Jason V. Miller" , "Dag-Erling Sm??rgrav" Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Cc: freebsd-security@freebsd.org, FreeBSD Security Officer Subject: Re: 2009-07-20 FreeBSD 7.2 (pecoff executable) Local Denial of Service Exploit 23 R D Shaun Colley X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 21 Jul 2009 18:58:23 -0000 Hi all! Yeah, I found the expolit in milw0rm at Jul 20, 2009. and send this mail, before I never read anything from so@freebsd.org... and from this mail (I think security officer), so then add cperciva to CC. btw: oliver@oliverp src> git grep "so@freebsd.org" sys/dev/usb/ubser.c: * Copyright (c) 2004 Ber{}ter sys/dev/usb/ubser.h: * Copyright (c) 2003 Ber{}ter This git tree is the full freebsd tree, imported to git, and no information from this mail address. On 7/21/09, Jason V. Miller wrote: > On Tue, Jul 21, 2009 at 05:39:25PM +0200, Dag-Erling Sm??rgrav wrote: >> Oliver Pinter writes: >> > http://milw0rm.com/exploits/9206 >> >> Standard procedure is to contact so@freebsd.org directly rather than >> post an exploit on a public, archived mailing list. > > To be fair, he didn't post a new exploit to the list, but instead a link to > an already-public exploit. > > J. > > -- > Jason V. Miller >