Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
Re: UFS Bug: FreeBSD 6.1/6.2/7.0: MOKB-08-11-2006, CVE-2006-5824, MOKB-03-11-2006, CVE-2006-5679
From: Lutz Boehne (lboehnedamogran.de)
Date: Fri Nov 24 2006 - 15:24:12 CST
-----BEGIN PGP SIGNED MESSAGE-----
[It's just a panic]
I was so transfixed on Josh stating that the attacker could as well just
mount a filesystem with suid root binaries and how that would be more
useful than a buffer overflow in the filesystem driver. I totally missed
the fact that we were talking about two bugs where the kernel
deliberately called panic() ;).
So in this case I'd agree that the panic() is undesirable, but not
really a security issue.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (FreeBSD)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
freebsd-securityfreebsd.org mailing list
To unsubscribe, send any mail to "freebsd-security-unsubscribefreebsd.org"