OSVDB ID: 11062

Title: Multiple BSD Kernel Asynchronous I/O Facility Notification DoS

Info

Disclosure
Sep 15, 1997

Discovery
Unknown

Dates

Exploit
Unknown

Solution
Unknown

Description

 Certain BSD-derived kernels contain a flaw that may allow a local denial of service. The issue is triggered when a malicious user sends signals to arbitrary processes via certain ioctl and fcntl system calls to interrupt or kill processes, resulting in loss of availability for the service or platform.

Classification

 Location: Local Access Required
Attack Type: Denial of Service, Input Manipulation, Misconfiguration
Impact: Loss of Integrity, Loss of Availability
Exploit: Exploit Unavailable
Disclosure: OSVDB Verified

Solution

 Upgrade to OpenBSD version 2.2 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds. For all others, there are no known upgrades, patches, or workarounds available to correct this issue.

Products

BSDI

BSD

 4.4

FreeBSD Project

FreeBSD

 Unknown or Unspecified

NetBSD Foundation, Inc.

NetBSD

 Unknown or Unspecified

OpenBSD

OpenBSD

 2.1

SGI

IRIX

 Unknown or Unspecified

References

Credit
  • Alan Peakall -


Direct URL: http://osvdb.org/36218