[Full-Disclosure] RE: remote kernel exploits?
From: Jacques A. Vidrine (nectar@FreeBSD.org)
Date: 09/10/02
- Next message: gobbles@hush.com: "[Full-Disclosure] XP security hole uplddrvinfo.htm"
- Previous message: Thor Larholm: "[Full-Disclosure] XP security hole uplddrvinfo.htm"
- In reply to: Yonatan Bokovza: "[Full-Disclosure] RE: remote kernel exploits?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: nectar@FreeBSD.org (Jacques A. Vidrine) Date: Tue, 10 Sep 2002 15:46:27 -0500
On Tue, Sep 10, 2002 at 06:40:59PM +0300, Yonatan Bokovza wrote:
> It might be the case that this is the problem:
> http://www.openbsd.org/errata.html#scarg
> I know that a similar problem was fixed in FreeBSD a little
> later, but I can't find the correct pointer.
I believe the `similar problem' to which you refer is described here:
<URL:ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:38.signed-error.asc>
> Since this is a problem in the kernel, it might be remotely
> exploitable.
These are problems in the handling of arguments to certain system
calls. So no, they are not remotely exploitable by themselves.
Cheers,
-- Jacques A. Vidrine <nectar@celabo.org> http://www.celabo.org/ NTT/Verio SME . FreeBSD UNIX . Heimdal Kerberos jvidrine@verio.net . nectar@FreeBSD.org . nectar@kth.se
- Next message: gobbles@hush.com: "[Full-Disclosure] XP security hole uplddrvinfo.htm"
- Previous message: Thor Larholm: "[Full-Disclosure] XP security hole uplddrvinfo.htm"
- In reply to: Yonatan Bokovza: "[Full-Disclosure] RE: remote kernel exploits?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
