FreeBSD bug grants local root access (FreeBSD 6.x)
Mike Tancsa
mike at sentex.net
Fri Sep 25 13:05:20 UTC 2009
At 05:08 AM 9/15/2009, Xin LI wrote:
>-----BEGIN PGP SIGNED MESSAGE-----
>Hash: SHA1
>
>Hi,
>
>Frederique Rijsdijk wrote:
> > Hi,
> >
> > Any info on this subject on
> >
> > http://www.theregister.co.uk/2009/09/14/freebsd_security_bug/
>
>Currently we (secteam@) are testing the correction patch and do
>peer-review on the security advisory draft, the bug was found and fixed
>on -HEAD and 7-STABLE before 7.1-RELEASE during some stress test but was
>not recognized as a security vulnerability at that time. The exploit
>code has to be executed locally, i.e. either by an untrusted local user,
>or be exploited in conjunction with some remote vulnerability on
>applications that allow the attacker to inject their own code.
>
>We can not release further details about the problem at this time,
>though, but I think we will likely to publish the advisory and
>correction patch this patch Wednesday.
Hi,
Just wondering if there is any update on this issue ?
---Mike
--------------------------------------------------------------------
Mike Tancsa, tel +1 519 651 3400
Sentex Communications, mike at sentex.net
Providing Internet since 1994 www.sentex.net
Cambridge, Ontario Canada www.sentex.net/mike
More information about the freebsd-security
mailing list