Re: UFS Bug: FreeBSD 6.1/6.2/7.0: MOKB-08-11-2006, CVE-2006-5824

看板FB_security作者時間19年前 (2006/11/25 05:25), 編輯推噓0(000)
留言0則, 0人參與, 最新討論串7/7 (看更多)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [It's just a panic] I was so transfixed on Josh stating that the attacker could as well just mount a filesystem with suid root binaries and how that would be more useful than a buffer overflow in the filesystem driver. I totally missed the fact that we were talking about two bugs where the kernel deliberately called panic() ;). So in this case I'd agree that the panic() is undesirable, but not really a security issue. Lutz -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (FreeBSD) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFFZ2L5DbEkl9DbWrYRAus0AJwPEkX240mVIWme//LzHw210kUzKQCffFv1 6KGhWX9L0kzuMxk+JR+GyCg= =RSll -----END PGP SIGNATURE----- _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
更多 lboehne. 的文章
文章代碼(AID): #15PsDN00 (FB_security)
討論串 (同標題文章)
完整討論串 (本文為第 7 之 7 篇):
排序: 最新先 | 最舊先 | 留言數
在新視窗開啟完整討論串 (共7篇)
更多 lboehne. 的文章
文章代碼(AID): #15PsDN00 (FB_security)