Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Serious Remote FreeBSD Exploit Posted, Patched

timothy posted more than 4 years ago | from the wait-thought-you-said-openbsd dept.

Security 7

Trailrunner7 writes "A researcher has published an explanation of a new flaw in FreeBSD that allows a remote attacker to take control of a vulnerable machine. The vulnerability could give an attacker root access to the FreeBSD machine, and the FreeBSD developers have published a patch for the flaw early Tuesday. The vulnerability lies in run-time link-editor and, if exploited, gives an attacker the ability to run arbitrary code. The researcher, Kingcope, has posted an explanation of the flaw on the Full Disclosure mailing list. In a message to FreeBSD users, Colin Percival, the project's security officer, said that because of the severity of the flaw and the fact that exploit code already is available, he felt it was necessary to post the patch as soon as possible, without even publishing a security advisory."

cancel ×

7 comments

Sorry! There are no comments related to the filter you selected.

Looked at the patch.... (1)

idiotnot (302133) | more than 4 years ago | (#30284724)

...and it seems simple enough. Kind of wonder why those env variables wouldn't be unset by default for everything, then set only on programs that should need root. Are those just inherited; do you still need root access to build the FreeBSD user-space? (I honestly don't know; haven't used FreeBSD since the abortion that was 5.x. NetBSD, which is what I use for BSD these days, you can build everything as a regular user.)

Re:Looked at the patch.... (2, Informative)

FrangoAssado (561740) | more than 4 years ago | (#30285722)

Kind of wonder why those env variables wouldn't be unset by default for everything, then set only on programs that should need root.

The environment is inherited *at run time*, not during compilation. And the problem was in the code that tried to unset these variables before loading the executable file: it was failing if the environment was corrupt. With the patch, it detects this and aborts.

FYI (4, Informative)

revisionz (82265) | more than 4 years ago | (#30285360)

Local attack only.

Local only (0)

Anonymous Coward | more than 4 years ago | (#30285408)

You realize you mixed up local / remote?

Local Exploit != Serious Remote Exploit (2, Informative)

Anonymous Coward | more than 4 years ago | (#30285556)

The posters should RTFA before posting. It is a local exploit, and although serious, it can't be compared with a remote exploit.

Re:Local Exploit != Serious Remote Exploit (1)

WinterSolstice (223271) | more than 4 years ago | (#30303742)

Yeah, well, it wasn't as sensation that way.

Is that PiHex Percival ? (1)

RockDoctor (15477) | more than 4 years ago | (#30315290)

It seems that it is.

Come on, SlashDot younglings, ask what PiHex is/was and why?

Check for New Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>