|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Aaron Campbell (aaron
monkey.org)Date: Fri Apr 26 2002 - 08:16:42 CDT
On Thu, 25 Apr 2002, Ted U wrote:
> Not quite correct. OpenBSD 2.7 ships with a vulnerable version of sshd.
> If you install 2.7 today, or installed it 2 years ago and never updated,
> you would be remotely rootable.
You are referring to the deattack bug. To my knowledge, no one has proven
this exploitable on OpenBSD, and as far as exploits go I've only ever seen
one for Linux (binary-only) which may or may not even work. Because of the
malloc implementation OpenBSD uses, it's dodged some bullets in the past.
Unless someone in-the-know can chime in with some more definitive
information, assume your vanilla 2.7 box is safe from cookie-cutter script
kiddies, but possibly vulnerable to some blackhats out there with a clever
exploit that works.
A few months ago, a feature was added to OpenBSD's malloc which mprotects
allocated zero-sized memory regions, causing SIGSEGV if they are ever
accessed. Very cool.
--- Aaron Campbell (aaron
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]