OSVDB ID: 29570

Title: Multiple BSD systrace systrace_preprepl() Function Overflow

Info

Dates

Disclosure: Oct 07, 2006
Discovery: Unknown
Exploit: Unknown
Solution: Unknown

Description

A local overflow exists in OpenBSD and NetBSD. systrace fails to validate data passed to the systrace_preprepl function, resulting in an integer overflow. With a specially crafted request, an attacker can cause a denial of service or read arbitrary kernel memory, resulting in a loss of confidentiality and/or availability.

Classification

Location: Local Access Required
Attack Type: Denial of Service, Input Manipulation
Impact: Loss of Confidentiality, Loss of Integrity, Loss of Availability
Exploit: Exploit Unknown
Disclosure: OSVDB Verified

Solution

For NetBSD, upgrade to the release indicated in the vendor advisory, which has been reported to fix this vulnerability. OpenBSD has released a patch to address this vulnerability.

Products

NetBSD Foundation, Inc.

NetBSD

3.0.1
3.0
2.1
2.0.x
2.0

OpenBSD

OpenBSD

3.8
3.9

References

Credit

  • Chris Evans - chrisscary.beasts.org


Direct URL: http://osvdb.org/29570