Re: FW: [Full-Disclosure] yet another OpenBSD kernel hole ...

[Bruno Rohee <bruno@rohee.com>]

On Tue, Nov 18, 2003 at 10:04:04AM -0500, josh wrote:
> Schamil Wackenhut wrote...
> > * Dries Schellekens wrote:
> > 
> > > Anyone succeeded in succesfully exploiting this on 3.3 or lower?
> > 
> > 3.3 default install is exploitable.
> 
> As is 3.3-stable.

Not anymore at the time of your writing. Since quite a few hours.

CVSROOT:        /cvs
Module name:    src
Changes by:     margarida@cvs.openbsd.org       2003/11/17 15:50:16

Modified files:
        sys/compat/ibcs2: Tag: OPENBSD_3_3 ibcs2_exec.c

Log message:
Pull patch from -current:
Fix by tedu@

add a missing bounds check that allowed a stack overrun. reported by
Georgi Guninski.  also prevent an int overflow.  ok millert@

-- 
Art is either plagiarism or revolution.
		-- Paul Gauguin