NI3
11-06-2003, 11:34 AM
TITLE:
OpenBSD Malformed Binary Execution Denial of Service Vulnerability
SECUNIA ADVISORY ID:
SA10147
CRITICAL:
Not critical
IMPACT:
DoS
WHERE:
Local system
OPERATING SYSTEM:
OpenBSD 3.x
DESCRIPTION:
A vulnerability has been reported in OpenBSD, which can be exploited
by malicious, local users to cause a DoS (Denial of Service).
The vulnerability is caused by errors in "ibcs2_exec.c" and
"exec_elf.c". This can be exploited to cause a kernel panic by
executing a specially crafted binary with an invalid header.
SOLUTION:
Apply patch.
OpenBSD 3.4:
ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.4/common/005_exec.patch
OpenBSD 3.3:
ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.3/common/010_exec.patch
REPORTED BY / CREDITS:
Georgi Guninski
----------------------------------------------------------------------
