Author Topic: OpenBSD Vuln Found (Read 4549 times)

iago · « **on:** March 20, 2007, 11:00:24 am »

A few days late, but eh?

The second remotely exploitable vuln in OpenBSD's default install found in over 10 years. Suckers!

Anyway, you can read all about it in this Symantec blog entry, written by some joker named "Ron":
http://www.symantec.com/enterprise/security_response/weblog/2007/03/remotely_exploitable_openbsd_v.html

Skywing · « **Reply #1 on:** March 20, 2007, 03:26:29 pm »

The way the BSD people handled the issue was disappointing. Assuming a kernel mode overflow will not be exploitable to run code by default until proven otherwise is not a very good policy.

iago · « **Reply #2 on:** March 20, 2007, 04:31:37 pm »

Yeah, was dumb and it needlessly delayed patching.

It also bothered me that they were specific that they don't refer to denial of service as a "vulnerability", but as an "issue". Changing words to make it sound better is dirty.

Writing that was fun, though, because there's no love for the main Open BSD author (Theo?) in this office, they all seem to think he's arrogant.

cheeseisfun · « **Reply #3 on:** March 20, 2007, 09:08:12 pm »

Quote from: iago on March 20, 2007, 11:00:24 am

A few days late, but eh?

The second remotely exploitable vuln in OpenBSD's default install found in over 10 years. Suckers!

Anyway, you can read all about it in this Symantec blog entry, written by some joker named "Ron":
http://www.symantec.com/enterprise/security_response/weblog/2007/03/remotely_exploitable_openbsd_v.html

What they mean about "the second remotely exploitable vuln in OpenBSD's default install" is that it's the second known one. There are many more than that, but most held by real hackers, who don't leak their 0day. Everyone always seems to stretch the truth of OpenBSD's 'good' security...

And Theo De Raadt is just plain queer in general. That's why nobody likes him.
I personally don't like OpenBSD, and one of the reasons is because of Theo De Raadt. NetBSD/FreeBSD are much better anyways, in my opinion.

Joe · « **Reply #4 on:** March 22, 2007, 03:12:34 am »

You do know that a vuln that took 10 years to find is not a zero-day, right? You're only 3650 days off.

EDIT -
Nice article, iago.

By the way, tell Dean that Symantec needs to fix some of their scripts. The "show results with ommitted stuff included" throws an error on line one (then goes ahead and works), and when I try loading an article, a script loops and freezes the whole browser for like 10 seconds (sometimes).

iago · « **Reply #5 on:** March 22, 2007, 10:24:15 am »

Quote from: Joe[x86] on March 22, 2007, 03:12:34 am

You do know that a vuln that took 10 years to find is not a zero-day, right? You're only 3650 days off.

EDIT -
Nice article, iago.

By the way, tell Dean that Symantec needs to fix some of their scripts. The "show results with ommitted stuff included" throws an error on line one (then goes ahead and works), and when I try loading an article, a script loops and freezes the whole browser for like 10 seconds (sometimes).

Dean isn't in charge of the scripts, he's the head of the ISTR team. It's pretty complicated.

It's the calendar that freezes the browser, but it doesn't happen always, I'm not sure why.

And the guy in charge of the page... well, there's a bit of an issue there. I can't talk about that right now.

nslay · « **Reply #6 on:** March 22, 2007, 01:26:55 pm »

I installed OpenBSD some time ago...I was not impressed by it at all. Its all hype over proactive security auditting, but its hardware support and technology even lack behind NetBSD (e.g. no WPA support, old devfs, no plip, old tun, etc...)!
FreeBSD project has such a team that combs the kernel source for vulnerabilities, but this isn't an advertising point!

I will say that OpenBSD does have some neat memory security schemes and an awesome firewall ... but in the end the proactive auditting is really just a bunch of hype.
As it stands, Solaris, OS X, FreeBSD, and Linux, are among the leaders in security features in the Unix world.
FreeBSD and OS X share security features derived from TrustedBSD, Darwin's OpenBSM, and some Mcaffee developed features in OS X.
Sun has BSM
Linux has seLinux

GameSnake · « **Reply #7 on:** March 23, 2007, 10:12:44 pm »

On Skywing's comment, you expect too much of free software, you want it patched and handled like theres hundred of paid programmers behind the issue, we know thats not the case. Instead the people of OpenBSD are not really obligated to fix things in a formal manner, I am just wondering what you expect of non profit open source software?

Armin · « **Reply #8 on:** March 23, 2007, 10:39:54 pm »

Quote from: GameSnake on March 23, 2007, 10:12:44 pm

On Skywing's comment, you expect too much of free software, you want it patched and handled like theres hundred of paid programmers behind the issue, we know thats not the case. Instead the people of OpenBSD are not really obligated to fix things in a formal manner, I am just wondering what you expect of non profit open source software?

I think you've misread his post. He never said anything about wanting it patched, yet that the way the BSD people brushed it off as nothing and ignored it was disappointing. They could've at least acknowledged a problem could exist.

Joe · « **Reply #9 on:** March 25, 2007, 05:35:01 am »

Quote from: iago on March 22, 2007, 10:24:15 am

Quote from: Joe[x86] on March 22, 2007, 03:12:34 am
You do know that a vuln that took 10 years to find is not a zero-day, right? You're only 3650 days off.

EDIT -
Nice article, iago.

By the way, tell Dean that Symantec needs to fix some of their scripts. The "show results with ommitted stuff included" throws an error on line one (then goes ahead and works), and when I try loading an article, a script loops and freezes the whole browser for like 10 seconds (sometimes).
Dean isn't in charge of the scripts, he's the head of the ISTR team. It's pretty complicated.

It's the calendar that freezes the browser, but it doesn't happen always, I'm not sure why.

And the guy in charge of the page... well, there's a bit of an issue there. I can't talk about that right now.

"Dead imprisoned or otherwise unable to fulfill his duty" ?

cheeseisfun · « **Reply #10 on:** May 07, 2007, 01:53:31 am »

Quote from: Joe[x86/64] on March 22, 2007, 03:12:34 am

You do know that a vuln that took 10 years to find is not a zero-day, right? You're only 3650 days off.

EDIT -
Nice article, iago.

By the way, tell Dean that Symantec needs to fix some of their scripts. The "show results with ommitted stuff included" throws an error on line one (then goes ahead and works), and when I try loading an article, a script loops and freezes the whole browser for like 10 seconds (sometimes).

You do know that the real blackhat hackers call them 0day because they are private and not patched, right? You're only like 15 or 16, and know next to nothing about hacking. People use words differently in different cultures.

iago · « **Reply #11 on:** May 07, 2007, 10:27:04 am »

Quote from: cheeseisfun on May 07, 2007, 01:53:31 am

You do know that the real blackhat hackers call them 0day because they are private and not patched, right? You're only like 15 or 16, and know next to nothing about hacking. People use words differently in different cultures.

* <-- Joke
@ <-- Your head

To put that another way, he was obviously joking.

Clan x86

News:

Author Topic: OpenBSD Vuln Found (Read 4549 times)

iago

OpenBSD Vuln Found

Skywing

Re: OpenBSD Vuln Found

iago

Re: OpenBSD Vuln Found

cheeseisfun

Re: OpenBSD Vuln Found

Joe

Re: OpenBSD Vuln Found

iago

Re: OpenBSD Vuln Found

nslay

Re: OpenBSD Vuln Found

GameSnake

Re: OpenBSD Vuln Found

Armin

Re: OpenBSD Vuln Found

Joe

Re: OpenBSD Vuln Found

cheeseisfun

Re: OpenBSD Vuln Found

iago

Re: OpenBSD Vuln Found