[Leaplist] BSD root escalation exploit

Kevin Korb kmk at sanitarium.net
Wed Sep 16 20:20:01 EDT 2009 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

No big deal.  Lots of actual BSD users don't know the real lineage.  Linux
users tend to think of FreeBSD, NetBSD, and OpenBSD as different
distributions of the same thing because that is how Linux works but there
are significant differences at every level.

On Wed, 16 Sep 2009 20:17:56 -0400
Hank Lambert <hank at hanklambert.com> wrote:
> Thanks for the clarification, I didn't even think of that (I'm not a BSD
> user).
> 
> Kevin Korb wrote:
> > It should be noted that this is a FreeBSD exploit and not a generic
> > *BSD exploit.  AFAICT it does not affect OpenBSD.  Not sure about
> > NetBSD or OSX as I didn't check on them.
> >
> > On Wed, 16 Sep 2009 20:02:13 -0400
> > Hank Lambert <hank at hanklambert.com> wrote:
> > > -----BEGIN PGP SIGNED MESSAGE-----
> > > Hash: SHA1
> >
> > > Here is an article on a recent BSD root escalation vulnerability for
> > > those running BSD. Luckily it's a local exploit, but a serious one
> > > none-the-less. I know there are a few people here running BSD, so I
> > > thought I would pass it along.
> >
> > >
> > http://www.darknet.org.uk/2009/09/freebsd-local-root-escalation-vulnerability/
> >
> >
> > > - --
> >
> > > Hank Lambert, KB4MTO
> > > www.hanklambert.com
> > > hank at hanklambert.com
> > > PGP Key 0x96D33D71
> >
> > > 
> 
> ----------------------------------------------------------------------
> 
> _______________________________________________
> Leaplist mailing list
> Leaplist at leap-cf.org
> http://lists.leap-cf.org/mailman/listinfo/leaplist
> 


- -- 
~*-,._.,-*~'`^`'~*-,._.,-*~'`^`'~*-,._.,-*~'`^`'~*-,._.,-*~'`^`'~*-,._.,-*~
	Kevin Korb			Phone:    (407) 252-6853
	Systems Administrator		Internet:
	FutureQuest, Inc.		Kevin at FutureQuest.net  (work)
	Orlando, Florida		kmk at sanitarium.net (personal)
	Web page:			http://www.sanitarium.net/
	PGP public key available on web site.
~*-,._.,-*~'`^`'~*-,._.,-*~'`^`'~*-,._.,-*~'`^`'~*-,._.,-*~'`^`'~*-,._.,-*~
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.11 (GNU/Linux)

iEYEARECAAYFAkqxgLIACgkQVKC1jlbQAQdqigCg8taVicNq7G2SZqTv/LDM/2+Q
qxIAoM5/XGBHvR/ZAs4fPWJ/ijvn7Y7S
=r06C
-----END PGP SIGNATURE-----

-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

More information about the Leaplist mailing list