lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <26ED2CA61C63A642BD7F1E856A00560202340302@LEK.office.casema.nl>
Date: Mon, 20 Nov 2006 11:51:31 +0100
From: "Rogier Mulhuijzen" <rogier.mulhuijzen@...ice.casema.nl>
To: "Rodrigo Rubira Branco (BSDaemon)" <rodrigo@...nelhacking.com>,
	<bugtraq@...urityfocus.com>
Subject: RE: FreeBSD all versions  FireWire IOCTL kernel integer overflow information disclousure

Is it me, or do you need to be root or a member of the operator group to
be able to perform an IOCTL on /dev/fw*. In FreeBSD at least, /dev/fw*
is only accessible by root (read/write) and members of the operator
group (read-only).

It might be a bug, I'll grant you that, but it's not disclosure to local
users. It's to local users who are part of the operators group. Those
are 1) rare and 2) able to read disk devices directly, which is a little
more useful than being able to read memory.

Please correct me if I'm wrong.

Cheers,

	Rogier

> -----Original Message-----
> From: Rodrigo Rubira Branco (BSDaemon) 
> [mailto:rodrigo@...nelhacking.com]
> Sent: woensdag 15 november 2006 13:53
> To: vulnwatch@...nwatch.org; "full-
> disclosure@...ts.grok.org.uk"@fjaunet.com.br;
> "bugtraq@...urityfocus.com"@fjaunet.com.br;
> "exploits@...testar.linuxbox.org"@fjaunet.com.br;
> "list@...uriteam.com"@fjaunet.com.br
> Cc: rodrigo@...nelhacking.com
> Subject: FreeBSD all versions FireWire IOCTL kernel integer overflow 
> information disclousure
> 
> --
> http://www.kernelhacking.com/rodrigo
> 
> Kernel Hacking: If i really know, i can hack
> 
> GPG KeyID: 5E90CA19
> 
> 
> 
> ________________________________________________
> Message sent using UebiMiau 2.7.2



This e-mail message and its attachments are subject to the disclaimer published at the following website of Casema: http://www.casema.nl/disclaimer

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ