Date: Sun, 2 Apr 2000 22:31:07 -0400 From: "Crist J. Clark" <cjc@cc942873-a.ewndsr1.nj.home.com> To: Benedict Hadiono <hbenedict_fbsd@yahoo.com> Cc: "Joseph McLeod <lists@whiteh0use.net>" <lists@whiteh0use.net>, freebsd-questions@FreeBSD.ORG Subject: Re: 3.3-RELEASE --- procfs hole Message-ID: <20000402223107.A33106@cc942873-a.ewndsr1.nj.home.com> In-Reply-To: <20000403012205.23613.qmail@web4204.mail.yahoo.com>; from hbenedict_fbsd@yahoo.com on Sun, Apr 02, 2000 at 06:22:05PM -0700 References: <20000403012205.23613.qmail@web4204.mail.yahoo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, Apr 02, 2000 at 06:22:05PM -0700, Benedict Hadiono wrote: > Joseph, > > I wonder if 3.4-STABLE has fixed the problem. ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:02.procfs.asc > --- "Joseph McLeod <lists@whiteh0use.net>" > <lists@whiteh0use.net> wrote: > > > > > > On Sun, 2 Apr 2000, Benedict Hadiono wrote: > > > > > Joseph, > > > > > > Thank you for your information on this error. > > > Can you please elaborate what does this problem > > can > > > practically cause some damage/risks. > > > > Well, someone gave me an account on there freebsd > > 3.3-RELEASE box to test > > there security. While search packetstorm for > > freebsd exploits, i found a > > procfs bug, similar to a procfs bug that was in fbsd > > 2.1.x or at least i > > believe so. I was able to root the box with a > > little modification of the > > code and a simple command after that. For it to > > work (since its only a > > local exploit), it would have to be a user of yours > > thats on the box, or > > you would have to have another remotely exploitable > > piece of software tha > > the attacker could use to get a shell, then he could > > use the local exploit > > to gain root access. > > > > Here is a link with alot more information: > > > > > http://packetstorm.securify.com/0001-exploits/procfs4.htm > > > > > For us to upgrade to 3.4-Stable is not an easy job > > > since we have the system already in the > > > production/operation. > > > > > > Thanks again and look forward to your further > > info. > > > > > > rgds, > > > Benny > > > > > > --- "Joseph McLeod <lists@whiteh0use.net>" > > > <lists@whiteh0use.net> wrote: > > > > hey, I noticed you said you were running fbsd > > > > 3.3-RELEASE, you may already > > > > know this, but there is a procfs hole in the > > > > version. Its a local > > > > exploit, but all the same, i figured you might > > wanna > > > > know. I guess you > > > > could either umount /proc or upgrade to > > 3.4-STABLE, > > > > which doesn't seem to > > > > be affected (or at least not with the same > > exploit > > > > code). > > > > > > > > > > > > > > > > > > __________________________________________________ > > > Do You Yahoo!? > > > Talk to your friends online with Yahoo! Messenger. > > > http://im.yahoo.com > > > > > > > > > __________________________________________________ > Do You Yahoo!? > Talk to your friends online with Yahoo! Messenger. > http://im.yahoo.com > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message -- Crist J. Clark cjclark@home.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000402223107.A33106>