From: Peter Pentchev (roam orbitel.bg)
Date: Fri Jun 15 2001 - 12:10:58 CDT
Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
That 'someone' quoted this same message, and a follow-up, explaining
why someone else actually thinks 4.3 *might* be vulnerable.
G'luck,
Peter
--
If the meanings of 'true' and 'false' were switched, then this sentence wouldn't be false.
On Fri, Jun 15, 2001 at 06:04:44PM +0100, richrdrose.org wrote:
> Someone asked about 4.3 being susceptible to this attack....
>
> ---------- Forwarded message ----------
> Date: Fri, 15 Jun 2001 08:41:13 -0500
> From: Will Senn <wsennpostfuture.com>
> To: OpenBSDTech <techopenbsd.org>
> Subject: FW: OpenBSD 2.9,2.8 local root compromise
>
> -----Original Message-----
> From: Przemyslaw Frasunek [mailto:venglinfreebsd.lublin.pl]
> Sent: Thursday, June 14, 2001 12:10 PM
> To: Georgi Guninski
> Cc: Bugtraq
> Subject: Re: OpenBSD 2.9,2.8 local root compromise
>
>
> On Thu, Jun 14, 2001 at 05:14:46PM +0300, Georgi Guninski wrote:
> > OpenBSD 2.9,2.8
> > Have not tested on other OSes but they may be vulnerable
>
> FreeBSD 4.3-STABLE isn't vulnerable. Looks like it's dropping set[ug]id
> privileges before allowing detach.
>
> --
> * Fido: 2:480/124 ** WWW: http://www.frasunek.com/ ** NIC-HDL: PMF9-RIPE *
> * Inet: przemyslawfrasunek.com ** PGP: D48684904685DF43EA93AFA13BE170BF *
To Unsubscribe: send mail to majordomoFreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
|
