Secunia Research Advisory - A vulnerability has been identified in OpenBSD allowing a malicious root user to escalate privileges. The problem is that the root user may set the semaphore limit to a high value, which causes an integer overflow. This could be exploited to bypass the security level access control (securelevel) specified at boot time.
f31997d5d1e04fd1b70e758ee24b98598f34265b3b0f58f83720a3ee45983017
TITLE:
OpenBSD Semaphore Limit Integer Overflow
SECUNIA ADVISORY ID:
SA9722
VERIFY ADVISORY:
http://www.secunia.com/advisories/9722/
CRITICAL:
Not critical
IMPACT:
Privilege escalation
WHERE:
Local system
OPERATING SYSTEM:
OpenBSD 3.x
DESCRIPTION:
A vulnerability has been identified in OpenBSD allowing a malicious
root user to escalate privileges.
The problem is that the "root" user may set the semaphore limit to a
high value, which causes an integer overflow. This could be exploited
to bypass the security level access control (securelevel) specified
at boot time.
SOLUTION:
A patch is available for OpenBSD 3.3:
ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.3/common/003_sysvsem.patch
This has been fixed in OpenBSD current.
ORIGINAL ADVISORY:
http://www.openbsd.org/errata.html#sysvsem
----------------------------------------------------------------------
Secunia recommends that you verify all advisories you receive, by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
Contact details:
Web : http://www.secunia.com/
E-mail : support@secunia.com
Tel : +45 7020 5144
Fax : +45 7020 5145
----------------------------------------------------------------------
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed