Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 15 Jun 2001 18:04:44 +0100 (BST)
From:      rich@rdrose.org
To:        freebsd-security@freebsd.org
Subject:   FW: OpenBSD 2.9,2.8 local root compromise (fwd)
Message-ID:  <Pine.LNX.4.21.0106151804070.14714-100000@pkl.net>

next in thread | raw e-mail | index | archive | help
Someone asked about 4.3 being susceptible to this attack....

---------- Forwarded message ----------
Date: Fri, 15 Jun 2001 08:41:13 -0500
From: Will Senn <wsenn@postfuture.com>
To: OpenBSDTech <tech@openbsd.org>
Subject: FW: OpenBSD 2.9,2.8 local root compromise

-----Original Message-----
From: Przemyslaw Frasunek [mailto:venglin@freebsd.lublin.pl]
Sent: Thursday, June 14, 2001 12:10 PM
To: Georgi Guninski
Cc: Bugtraq
Subject: Re: OpenBSD 2.9,2.8 local root compromise


On Thu, Jun 14, 2001 at 05:14:46PM +0300, Georgi Guninski wrote:
> OpenBSD 2.9,2.8
> Have not tested on other OSes but they may be vulnerable

FreeBSD 4.3-STABLE isn't vulnerable. Looks like it's dropping set[ug]id
privileges before allowing detach.

-- 
* Fido: 2:480/124 ** WWW: http://www.frasunek.com/ ** NIC-HDL: PMF9-RIPE *
* Inet: przemyslaw@frasunek.com ** PGP: D48684904685DF43EA93AFA13BE170BF *


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.LNX.4.21.0106151804070.14714-100000>