Info

Disclosure

Nov 21, 2003

Discovery

Unknown

Dates

Exploit

Nov 21, 2003

Solution

Unknown

Description

A local overflow exists in two OpenBSD functions. The system fails to properly sanity check the semctl and semop system functions when a user-supplied semaphore set is handled. With a simple program, an attacker can cause a kernel panic and crash the system.

Classification

Attack Type: Denial of Service, Input Manipulation
Impact: Loss of Integrity, Loss of Availability

Solution

Install the 008_sem.patch provided by OpenBSD. A patch is required as there are no known workarounds.

Products

OpenBSD	OpenBSD	3.3
		3.4

References

Secunia Advisory ID: 10309
ISS X-Force ID: 13811
Bugtraq ID: 9086
Vendor Specific Solution URL: ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.4/common/008_sem.patch
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2003-11/0260.html
Vendor Specific Advisory URL: http://www.openbsd.org/errata.html

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/2871