Re: FreeBSD Security Advisory FreeBSD-SA-02:38.signed-error

From: Brad Laue (brad@brad-x.com)
Date: 08/19/02


Date: Mon, 19 Aug 2002 12:05:11 -0400
From: Brad Laue <brad@brad-x.com>
To: freebsd-security@freebsd.org

FreeBSD Security Advisories wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
>
>
=============================================================================
> FreeBSD-SA-02:38.signed-error Security
Advisory
> The FreeBSD
Project
>
> Topic: Boundary checking errors involving signed integers

This might be an obtuse question, but I'm going to risk it and ask anyway.

Given that accept(2) and getpeername(2) are vulnerable one would think
this were remotely exploitable, but I'm not familiar enough to say this
for certain.

Is this a remotely exploitable issue, or only local?

Brad

-- 
// -- http://www.BRAD-X.com/ -- //
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message


Relevant Pages

  • Re: FreeBSD Security Advisory FreeBSD-SA-02:38.signed-error
    ... > FreeBSD Security Advisories wrote: ... > This might be an obtuse question, but I'm going to risk it and ask anyway. ... only how the kernel processes user arguements. ...
    (FreeBSD-Security)
  • Re: FreeBSD Security Advisory FreeBSD-SA-02:21.tcpip
    ... At 01:23 PM 4/17/2002, FreeBSD Security Advisories wrote: ... >the RELENG_4_5 security branch dated after the respective correction ... On what server is 4.5-RELEASE-p3 located? ... with "unsubscribe freebsd-security" in the body of the message ...
    (FreeBSD-Security)
  • Re: FreeBSD Security Advisory: FreeBSD-SA-01:18.bind
    ... > On Wed, 31 Jan 2001, FreeBSD Security Advisories wrote: ... > Why not make it default in the base system? ... "I have the heart of a child; I keep it in a jar on my desk." ... with "unsubscribe freebsd-security" in the body of the message ...
    (FreeBSD-Security)
  • Re: FreeBSD Security Advisory FreeBSD-SA-02:43.bind
    ... > Hello, FreeBSD Security Advisories! ... > These instructions are incorrect, ... with "unsubscribe freebsd-security" in the body of the message ...
    (FreeBSD-Security)