Re: Fwd: Any user can panic OpenBSD machine

copestar.enet.dec.com

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: Kragen: "Re: Fwd: Any user can panic OpenBSD machine"
• Previous message: Peter W: "Re: Fwd: Any user can panic OpenBSD machine"
• Maybe in reply to: Michael Fuhr: "Fwd: Any user can panic OpenBSD machine"
• Next in thread: Jason Thorpe: "Re: Fwd: Any user can panic OpenBSD machine"

deraadtCVS.OPENBSD.ORG wrote:

> However, this bug does not by itself provide anyone with a way to gain
> elevated priviledges and greater control of the system.  That is what
> most of us normally call an 'exploit', or has the lingo changed
> recently?

If you consider denial-of-service an attack, then I consider anon-privileged system crasher an exploit. However, I agree
you that no Bugtraq reader should be "appalled" or even
surprised when the occasional buffer overflow, improper
typecast, etc. is found that crashes a system. (Heck, one even
shows up in good old OpenVMS now and then!)

> Also, please see
>         www.openbsd.org/security.html
>
> for information on other security fixes which are far more important,
> yet strangely have not reached BUGTRAQ like this report did.

Bugtraq is for reporting new vulnerabilities, not rehashing those whichhave already been announced. In other words, you found 'em before
we did ;)

   Joshua Cope

------------------------------------------------------------
The above opinions and information not necessarily those of
Digital Equipment Corporation or Compaq.
------------------------------------------------------------

• Next message: Kragen: "Re: Fwd: Any user can panic OpenBSD machine"
• Previous message: Peter W: "Re: Fwd: Any user can panic OpenBSD machine"
• Maybe in reply to: Michael Fuhr: "Fwd: Any user can panic OpenBSD machine"
• Next in thread: Jason Thorpe: "Re: Fwd: Any user can panic OpenBSD machine"