Re: Possible Security Vulnerability

From: Will Andrews (TrimYourCc@physics.purdue.edu)
Date: 02/25/01

• Next message: John Howie: "Re: Possible Security Vulnerability"
• Previous message: Jonathan Slivko: "Possible Security Vulnerability"
• In reply to: Jonathan Slivko: "Possible Security Vulnerability"
• Next in thread: John Howie: "Re: Possible Security Vulnerability"
• Reply: John Howie: "Re: Possible Security Vulnerability"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Sun, 25 Feb 2001 16:36:36 -0500
From: Will Andrews <TrimYourCc@physics.purdue.edu>
To: Jonathan Slivko <js43064n@pace.edu>

[ moved to -stable ]

On Sun, Feb 25, 2001 at 04:32:04PM -0500, Jonathan Slivko wrote:
> I have been testing the security on my machine (FreeBSD 4.2-STABLE) and
> I noticed a bug that could potentially reboot a box from any type of user,
> root or regular user. What I did was I just gave the box a whole bunch of w
> commands like w;w;w;w;w, etc. and just let that run. A few seconds later,
> the box coredumped and rebooted. I got this to occur several times in a row.
> Is this some kind of known vulnerability or is this just something that will
> have to be investigated further? If interested in more details, please feel
> free to e-mail me. Thanks.

That's not a security vulnerability (ie defined as something which gives
an attacker elevated privileges), that's a bug. Nevertheless, I can't
reproduce it.. possibly because you've given next to nothing as far as
details go.

-- 
wca

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

---

• application/pgp-signature attachment: stored

---

• Next message: John Howie: "Re: Possible Security Vulnerability"
• Previous message: Jonathan Slivko: "Possible Security Vulnerability"
• In reply to: Jonathan Slivko: "Possible Security Vulnerability"
• Next in thread: John Howie: "Re: Possible Security Vulnerability"
• Reply: John Howie: "Re: Possible Security Vulnerability"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: reporter on deadline seeks comment about reported security bug in FreeBSD ... Then the security team will make sure to fix the bug for all ... security information web pages at. ... Your work will only improve FreeBSD and I would like to thank you kindly for ... (freebsd-questions) Re: local exploit ... :i wanna ask about Security of FreeBSD 3.4 and 4.x ... :on FreeBSD-3.4 there are local exploit that hack chpass ... So the answer is that by the time FreeBSD-4.1, this bug was ... (FreeBSD-Security) Re: reporter on deadline seeks comment about reported security bug in FreeBSD ... Then the security team will make sure to fix the bug for all ... affected releases of FreeBSD, release a patch with the fix, issue an ... security information web pages at. ... (freebsd-questions) RE: PAWS security vulnerability ... FreeBSD security list" isn't grammatically correct. ... "I told you to post the patch and info to the appropriate FreeBSD security ... "...This point and others are often discussed on the mailing lists, ... (freebsd-questions) Risks Digest 24.91 ... ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS ... Adi Shamir's bug attack ... Security company e-mail undercuts user education ... (comp.risks)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Mailing-Lists  > FreeBSD-Security  > 2001-02