Re: FW: OpenBSD 2.9,2.8 local root compromise (fwd)

From: Mike Tancsa (
Date: 06/15/01

Date: Fri, 15 Jun 2001 13:08:09 -0400
To:, freebsd-security@FreeBSD.ORG
From: Mike Tancsa <>

At 06:04 PM 6/15/01 +0100, wrote:
>Someone asked about 4.3 being susceptible to this attack....

A followup to the message you quote below seems to imply this is not the
case and FreeBSD might be vulnerable. Hence the request for
clarification. See the message from Jason R Thorpe <>
which I posted in my original question to this list.


>---------- Forwarded message ----------
>Date: Fri, 15 Jun 2001 08:41:13 -0500
>From: Will Senn <>
>To: OpenBSDTech <>
>Subject: FW: OpenBSD 2.9,2.8 local root compromise
>-----Original Message-----
>From: Przemyslaw Frasunek []
>Sent: Thursday, June 14, 2001 12:10 PM
>To: Georgi Guninski
>Cc: Bugtraq
>Subject: Re: OpenBSD 2.9,2.8 local root compromise
>On Thu, Jun 14, 2001 at 05:14:46PM +0300, Georgi Guninski wrote:
> > OpenBSD 2.9,2.8
> > Have not tested on other OSes but they may be vulnerable
>FreeBSD 4.3-STABLE isn't vulnerable. Looks like it's dropping set[ug]id
>privileges before allowing detach.
>* Fido: 2:480/124 ** WWW: ** NIC-HDL: PMF9-RIPE *
>* Inet: ** PGP: D48684904685DF43EA93AFA13BE170BF *
>To Unsubscribe: send mail to
>with "unsubscribe freebsd-security" in the body of the message

To Unsubscribe: send mail to
with "unsubscribe freebsd-security" in the body of the message

Relevant Pages

  • Fwd: Re: OpenBSD 2.9,2.8 local root compromise
    ... Does anyone know either way if FreeBSD is or is not vulnerable? ... >Subject: Re: OpenBSD 2.9,2.8 local root compromise ... >Organization: Zembu Labs, Inc. ...
  • Re: Open Vs Free BSD
    ... NetBSD: Run on any hardware ... OpenBSD: ... FreeBSD: ... I like NetBSD (because of the supported platforms - especially RiscPCs - and the clean implementation). ...
  • Re: Fwd: That whole "Linux stealing our code" thing
    ... The myth that Theo understands dual licensing? ... It's no longer dual licenced in the FreeBSD tree because the FreeBSD ... FreeBSD doesn't have Reyk's athHAL from OpenBSD, ... dual licenced files planned to make GPL-only ...
  • Re: RX (download) limit problem
    ... > I've been seeing a strange problem with my 5.4-STABLE freebsd ... > behind it or the firewall itself) can get a decent rate. ... > In talking to some openBSD guys we had a theory that it might be something ... > the upload and download being kept symmetric and hence so low on the ...
  • Re: Quick and dirty router/firewall to test something?
    ... using FreeBSD vs. OpenBSD. ... Soekris boards up against commercial Watchguard and Cisco offerings any ... Chris Olive ...