From owner-freebsd-security@FreeBSD.ORG  Wed Jun 19 21:33:00 2013
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115])
 by hub.freebsd.org (Postfix) with ESMTP id ABCFFB88
 for <freebsd-security@freebsd.org>; Wed, 19 Jun 2013 21:33:00 +0000 (UTC)
 (envelope-from hunger0hu@gmail.com)
Received: from mail-ve0-x235.google.com (mail-ve0-x235.google.com
 [IPv6:2607:f8b0:400c:c01::235])
 by mx1.freebsd.org (Postfix) with ESMTP id 6F86B1088
 for <freebsd-security@freebsd.org>; Wed, 19 Jun 2013 21:33:00 +0000 (UTC)
Received: by mail-ve0-f181.google.com with SMTP id db10so4437143veb.40
 for <freebsd-security@freebsd.org>; Wed, 19 Jun 2013 14:32:59 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
 h=mime-version:sender:date:x-google-sender-auth:message-id:subject
 :from:to:content-type;
 bh=YUggtYYNgT1y3s+r90Q2yrDhflePqxmAxDHyuYi2PUM=;
 b=qqR8M38cokEsNf2sZAqK1bJD6fpvvLlKSiKHdB24/lVBasUAjJy9ZhlaE23YYta7Pa
 wxZkaolEnWMh0XADsdZscyTwxOfnTKQ+5f7G3fj+4TklBnO76pJNUGWOM0EIMiGy0l+y
 0VngcxyBy4qDU+g++qwJmdrVrUmMvA8u/JoxIJOtwgeWYtd3KWRDNEZb3fMfti3T2ykR
 OfhIZfCJSaX+d01EnDQ7/IMJtyD49oBnmLwxb/uAkYSMb6ueugXwpez0glUjidt12fIx
 EY8jvLsaWweEOJCn5Lmrc+SZU37TZebwvIJnjiXiDubFU39u651vokxxyZE4/tiYrXFB
 krFQ==
MIME-Version: 1.0
X-Received: by 10.58.6.210 with SMTP id d18mr1516842vea.96.1371677579895; Wed,
 19 Jun 2013 14:32:59 -0700 (PDT)
Sender: hunger0hu@gmail.com
Received: by 10.52.160.226 with HTTP; Wed, 19 Jun 2013 14:32:59 -0700 (PDT)
Date: Wed, 19 Jun 2013 23:32:59 +0200
X-Google-Sender-Auth: I9HUAcrmkmmQDKzNJGWn2qsCrfU
Message-ID: <CANyuAwgZkt6oF0MSa1nOa1fJ1CU=ctUxSJkpQgZUfPqbZ+R49A@mail.gmail.com>
Subject: Happy Birthday FreeBSD! Now you are 20 years old and your security is
 the same as 20 years ago... :)
From: Hunger <hunger@hunger.hu>
To: full-disclosure@lists.grok.org.uk
Content-Type: multipart/mixed; boundary=047d7b6d84e8e5d0e304df8892e1
X-Mailman-Approved-At: Wed, 19 Jun 2013 21:57:01 +0000
X-Content-Filtered-By: Mailman/MimeDel 2.1.14
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: "Security issues \[members-only posting\]"
 <freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-security>, 
 <mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
 <mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 19 Jun 2013 21:33:00 -0000

--047d7b6d84e8e5d0e304df8892e1
Content-Type: text/plain; charset=ISO-8859-1

$ uname -a
FreeBSD fbsd91x64 9.1-RELEASE FreeBSD 9.1-RELEASE #0 r243825: Tue Dec
4 09:23:10 UTC 2012
root@farrell.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC  amd64
$ id
uid=1001(hunger) gid=1002(hunger) groups=1002(hunger)
$ gcc fbsd9lul.c -o fbsd9lul
$ ./fbsd9lul
FreeBSD 9.{0,1} mmap/ptrace exploit
by Hunger <fbsd9lul@hunger.hu>
# id
uid=0(root) gid=0(wheel) egid=1002(hunger) groups=1002(hunger)
#

--047d7b6d84e8e5d0e304df8892e1--