Date: Wed, 10 Sep 2008 05:41:02 -0700
From: "Michael Wojcik" <Michael.Wojcik@...roFocus.com>
To: <bugtraq@...urityfocus.com>
Cc: "Theo de Raadt" <deraadt@....openbsd.org>,
	"B 650" <dunc.on.usenet@...glemail.com>
Subject: RE: Sun M-class hardware denial of service 

> From: Theo de Raadt [mailto:deraadt@....openbsd.org] 
> Sent: Tuesday, 09 September, 2008 17:28
> To: B 650
> Cc: bugtraq@...urityfocus.com
> 
> > I apologise if I'm misunderstanding you, but it seems to me that this
> > issue can only be initiated by a privileged user on a domain.
> 
> If one domain can be broken into, and a Solaris kernel module 
> is loaded which then crashes that one domain, the entire 
> machine eventually has to be powered off to recover that one domain.

I agree with Theo. This is a privilege-escalation DOS attack, pure and
simple. A user with sufficient privilege in one domain, but not
necessarily in others, can 1) force that domain down for an extended
time, and/or 2) force all domains down.

"Privilege" isn't an absolute; there are degrees of privilege, and this
bug lets a user do more damage than their degree of privilege should
allow.

-- 
Michael Wojcik
Principal Software Systems Developer, Micro Focus
