OSVDB ID: 32574

Title: OpenBSD sys/dev/pci/vga_pci.c VGA Driver for wscons Local Privilege Escalation

Info

Disclosure

Jan 04, 2007

Discovery

Unknown

Dates

Exploit

Jan 07, 2007

Solution

Unknown

Description

OpenBSD contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when PCIAGP option is enabled in the kernel, and the adapter is not compatible, allowing a local user to gain root privileges. This flaw may lead to a loss of integrity.

Classification

Location: Local Access Required
Attack Type: Misconfiguration
Impact: Loss of Integrity
Exploit: Exploit Public
Disclosure: OSVDB Verified, Vendor Verified

Solution

Currently, there are no known workarounds or upgrades to correct this issue. However, OpenBSD has released a patch to address this vulnerability.

Products

OpenBSD	OpenBSD	3.9
		4.0

References

Security Tracker: 1017468
CVE ID: 2007-0085 (see also: NVD)
Secunia Advisory ID: 23608
SCIP VulDB ID: 2794
Exploit Database: 3094
Milw0rm: 3094
ISS X-Force ID: 31276
VUPEN Advisory: ADV-2007-0043
Other Advisory URL: http://ilja.netric.org/files/Unusual%20bugs%2023c3.pdf
Mail List Post: http://whitestar.linuxbox.org/pipermail/exploits/2007-January/000088.html
Vendor Specific News/Changelog Entry: http://www.openbsd.org/errata39.html#agp
Vendor Specific Advisory URL: http://www.openbsd.org/errata40.html#agp
Generic Exploit URL: http://www.securiteam.com/exploits/5JP092KKAM.html

Credit

Ilja van Sprundel -

Direct URL: http://osvdb.org/32574