|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Michael Wojcik (Michael.Wojcik
MicroFocus.com)
Date: Wed Sep 10 2008 - 07:41:02 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
> From: Theo de Raadt [mailto:deraadtcvs.openbsd.org]
> Sent: Tuesday, 09 September, 2008 17:28
> To: B 650
> Cc: bugtraqsecurityfocus.com
>
> > I apologise if I'm misunderstanding you, but it seems to me that
this
> > issue can only be initiated by a privileged user on a domain.
>
> If one domain can be broken into, and a Solaris kernel module
> is loaded which then crashes that one domain, the entire
> machine eventually has to be powered off to recover that one domain.
I agree with Theo. This is a privilege-escalation DOS attack, pure and
simple. A user with sufficient privilege in one domain, but not
necessarily in others, can 1) force that domain down for an extended
time, and/or 2) force all domains down.
"Privilege" isn't an absolute; there are degrees of privilege, and this
bug lets a user do more damage than their degree of privilege should
allow.
--
Michael Wojcik
Principal Software Systems Developer, Micro Focus
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]