[<prev] [next>] [day] [month] [year] [list]
Message-ID: <26ED2CA61C63A642BD7F1E856A00560202340302@LEK.office.casema.nl>
Date: Mon, 20 Nov 2006 11:51:31 +0100
From: "Rogier Mulhuijzen" <rogier.mulhuijzen@...ice.casema.nl>
To: "Rodrigo Rubira Branco (BSDaemon)" <rodrigo@...nelhacking.com>,
<bugtraq@...urityfocus.com>
Subject: RE: FreeBSD all versions FireWire IOCTL kernel integer overflow information disclousure
Is it me, or do you need to be root or a member of the operator group to
be able to perform an IOCTL on /dev/fw*. In FreeBSD at least, /dev/fw*
is only accessible by root (read/write) and members of the operator
group (read-only).
It might be a bug, I'll grant you that, but it's not disclosure to local
users. It's to local users who are part of the operators group. Those
are 1) rare and 2) able to read disk devices directly, which is a little
more useful than being able to read memory.
Please correct me if I'm wrong.
Cheers,
Rogier
> -----Original Message-----
> From: Rodrigo Rubira Branco (BSDaemon)
> [mailto:rodrigo@...nelhacking.com]
> Sent: woensdag 15 november 2006 13:53
> To: vulnwatch@...nwatch.org; "full-
> disclosure@...ts.grok.org.uk"@fjaunet.com.br;
> "bugtraq@...urityfocus.com"@fjaunet.com.br;
> "exploits@...testar.linuxbox.org"@fjaunet.com.br;
> "list@...uriteam.com"@fjaunet.com.br
> Cc: rodrigo@...nelhacking.com
> Subject: FreeBSD all versions FireWire IOCTL kernel integer overflow
> information disclousure
>
> --
> http://www.kernelhacking.com/rodrigo
>
> Kernel Hacking: If i really know, i can hack
>
> GPG KeyID: 5E90CA19
>
>
>
> ________________________________________________
> Message sent using UebiMiau 2.7.2
This e-mail message and its attachments are subject to the disclaimer published at the following website of Casema: http://www.casema.nl/disclaimer
Powered by blists - more mailing lists