News:

Holy shit, it's 2018 2019 2020 2021 2022 2023 2024, and the US isn't a fascist country! What a time to be alive.

Main Menu

OpenBSD Vuln Found

Started by iago, March 20, 2007, 11:00:24 AM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Print
Go Down Pages1
User actions

iago

March 20, 2007, 11:00:24 AM
A few days late, but eh?

The second remotely exploitable vuln in OpenBSD's default install found in over 10 years. Suckers!

Anyway, you can read all about it in this Symantec blog entry, written by some joker named "Ron":
http://www.symantec.com/enterprise/security_response/weblog/2007/03/remotely_exploitable_openbsd_v.html

Skywing

#1
March 20, 2007, 03:26:29 PM
The way the BSD people handled the issue was disappointing.  Assuming a kernel mode overflow will not be exploitable to run code by default until proven otherwise is not a very good policy.

iago

#2
March 20, 2007, 04:31:37 PM
Yeah, was dumb and it needlessly delayed patching.

It also bothered me that they were specific that they don't refer to denial of service as a "vulnerability", but as an "issue". Changing words to make it sound better is dirty.

Writing that was fun, though, because there's no love for the main Open BSD author (Theo?) in this office, they all seem to think he's arrogant.

cheeseisfun

#3
March 20, 2007, 09:08:12 PM Last Edit: March 20, 2007, 09:11:46 PM by cheeseisfun
Quote from: iago on March 20, 2007, 11:00:24 AM
A few days late, but eh?

The second remotely exploitable vuln in OpenBSD's default install found in over 10 years. Suckers!

Anyway, you can read all about it in this Symantec blog entry, written by some joker named "Ron":
http://www.symantec.com/enterprise/security_response/weblog/2007/03/remotely_exploitable_openbsd_v.html


What they mean about "the second remotely exploitable vuln in OpenBSD's default install" is that it's the second known one. There are many more than that, but most held by real hackers, who don't leak their 0day. Everyone always seems to stretch the truth of OpenBSD's  'good' security...

And Theo De Raadt is just plain queer in general. That's why nobody likes him.
I personally don't like OpenBSD, and one of the reasons is because of Theo De Raadt. NetBSD/FreeBSD are much better anyways, in my opinion.

Joe

#4
March 22, 2007, 03:12:34 AM Last Edit: March 22, 2007, 03:26:41 AM by Joe[x86]
You do know that a vuln that took 10 years to find is not a zero-day, right? You're only 3650 days off.

EDIT -
Nice article, iago.

By the way, tell Dean that Symantec needs to fix some of their scripts. The "show results with ommitted stuff included" throws an error on line one (then goes ahead and works), and when I try loading an article, a script loops and freezes the whole browser for like 10 seconds (sometimes).
Quote from: Camel on June 09, 2009, 04:12:23 PMI'd personally do as Joe suggests

Quote from: AntiVirus on October 19, 2010, 02:36:52 PM
You might be right about that, Joe.

iago

#5
March 22, 2007, 10:24:15 AM
Quote from: Joex86] link=topic=8855.msg112713#msg112713 date=1174547554]
You do know that a vuln that took 10 years to find is not a zero-day, right? You're only 3650 days off.

EDIT -
Nice article, iago.

By the way, tell Dean that Symantec needs to fix some of their scripts. The "show results with ommitted stuff included" throws an error on line one (then goes ahead and works), and when I try loading an article, a script loops and freezes the whole browser for like 10 seconds (sometimes).
Dean isn't in charge of the scripts, he's the head of the ISTR team. It's pretty complicated.

It's the calendar that freezes the browser, but it doesn't happen always, I'm not sure why.

And the guy in charge of the page... well, there's a bit of an issue there. I can't talk about that right now. :)

nslay

#6
March 22, 2007, 01:26:55 PM
I installed OpenBSD some time ago...I was not impressed by it at all.  Its all hype over proactive security auditting, but its hardware support and technology even lack behind NetBSD (e.g. no WPA support, old devfs, no plip, old tun, etc...)! 
FreeBSD project has such a team that combs the kernel source for vulnerabilities, but this isn't an advertising point!

I will say that OpenBSD does have some neat memory security schemes and an awesome firewall ... but in the end the proactive auditting is really just a bunch of hype.
As it stands, Solaris, OS X, FreeBSD, and Linux, are among the leaders in security features in the Unix world.
FreeBSD and OS X share security features derived from TrustedBSD, Darwin's OpenBSM, and some Mcaffee developed features in OS X.
Sun has BSM
Linux has seLinux
An adorable giant isopod!

GameSnake

#7
March 23, 2007, 10:12:44 PM
On Skywing's comment, you expect too much of free software, you want it patched and handled like theres hundred of paid programmers behind the issue, we know thats not the case. Instead the people of OpenBSD are not really obligated to fix things in a formal manner, I am just wondering what you expect of non profit open source software?

Armin

#8
March 23, 2007, 10:39:54 PM
Quote from: GameSnake on March 23, 2007, 10:12:44 PM
On Skywing's comment, you expect too much of free software, you want it patched and handled like theres hundred of paid programmers behind the issue, we know thats not the case. Instead the people of OpenBSD are not really obligated to fix things in a formal manner, I am just wondering what you expect of non profit open source software?
I think you've misread his post. He never said anything about wanting it patched, yet that the way the BSD people brushed it off as nothing and ignored it was disappointing. They could've at least acknowledged a problem could exist.
Hitmen: art is gay

Joe

#9
March 25, 2007, 05:35:01 AM
Quote from: iago on March 22, 2007, 10:24:15 AM
Quote from: Joex86] link=topic=8855.msg112713#msg112713 date=1174547554]
You do know that a vuln that took 10 years to find is not a zero-day, right? You're only 3650 days off.

EDIT -
Nice article, iago.

By the way, tell Dean that Symantec needs to fix some of their scripts. The "show results with ommitted stuff included" throws an error on line one (then goes ahead and works), and when I try loading an article, a script loops and freezes the whole browser for like 10 seconds (sometimes).
Dean isn't in charge of the scripts, he's the head of the ISTR team. It's pretty complicated.

It's the calendar that freezes the browser, but it doesn't happen always, I'm not sure why.

And the guy in charge of the page... well, there's a bit of an issue there. I can't talk about that right now. :)

"Dead imprisoned or otherwise unable to fulfill his duty" ?
Quote from: Camel on June 09, 2009, 04:12:23 PMI'd personally do as Joe suggests

Quote from: AntiVirus on October 19, 2010, 02:36:52 PM
You might be right about that, Joe.

cheeseisfun

#10
May 07, 2007, 01:53:31 AM
Quote from: Joex86/64] link=topic=8855.msg112713#msg112713 date=1174547554]
You do know that a vuln that took 10 years to find is not a zero-day, right? You're only 3650 days off.

EDIT -
Nice article, iago.

By the way, tell Dean that Symantec needs to fix some of their scripts. The "show results with ommitted stuff included" throws an error on line one (then goes ahead and works), and when I try loading an article, a script loops and freezes the whole browser for like 10 seconds (sometimes).

You do know that the real blackhat hackers call them 0day because they are private and not patched, right? You're only like 15 or 16, and know next to nothing about hacking. People use words differently in different cultures.

iago

#11
May 07, 2007, 10:27:04 AM
Quote from: cheeseisfun on May 07, 2007, 01:53:31 AM
You do know that the real blackhat hackers call them 0day because they are private and not patched, right? You're only like 15 or 16, and know next to nothing about hacking. People use words differently in different cultures.

* <-- Joke
@ <-- Your head

To put that another way, he was obviously joking.
Print
Go Up Pages1
User actions