|
|
Info |
Last Modified |
| 10 months ago |
|
|
|
|
Description |
A local overflow exists in FreeBSD. The fts library function fails to check bounds resulting in a buffer overflow. With a specially crafted request, an attacker can cause perodic() to core dump when running its security checking scripts (or other scripts which traverse trees that can be controlled by users) resulting in a privilege escalation and consequent loss of integrity.
|
|
Classification |
Location:
Local Access Required
Attack Type:
Input Manipulation
Impact:
Loss of Integrity
Exploit:
Exploit Available
Disclosure:
OSVDB Verified
|
|
Solution |
Upgrade to corrected versions 3.2-STABLE or 3.3-RELEASE or higher, as it has been reported to fix this vulnerability. Also, FreeBSD has released a patch. It is also possible to correct the flaw by implementing the following workaround: disable periodic() core dumps by changing core size to zero.
# mv /usr/sbin/periodic /usr/sbin/periodic.bin
# cat > /usr/sbin/periodic
#!/bin/sh
ulimit -c 0
/usr/sbin/periodic.bin $*
^D
# chmod 555 /usr/sbin/periodic
|
|
Products |
|
FreeBSD
 |
1.1.5.1 |
2.x |
3.0 |
3.1 |
3.2 |
|
|
|
|
Credit |
- Patrick Oonk - patrick
 pine.nl -
|
|
BlogsProvided by Technorati
|
None found at this time
|
|
|
