Users login

Create an account »

JOIN XATRIX

Users login

Home » Hacking News » Multiple BSD Vendor Ptrace Race Condition Vulnerability

Multiple BSD Vendor Ptrace Race Condition Vulnerability

by platon on June 16th, 2001 Ptrace is a facility used mostly by debuggers that allows one process to attach to another and monitor/modify its execution state and memory...



Ptrace implements checks to ensure that unprivileged processes do not attach to privileged ones. It has been reported that a race condition exists in some BSD ptrace implementations that may cause these checks to by bypassed.

Due to this vulnerability, an unprivileged process may be able to attach to a privileged process. This may allow local attackers to elevate privileges.

OpenBSD and NetBSD have both confirmed that they are vulnerable. OpenBSD has released kernel patches, while NetBSD has fixed the problem in their CVS tree.

[Download the exploit.] (author: Georgi Guninski)

OpenBSD has released kernel patches that will eliminate this vulnerability for versions 2.8 and 2.9. Administrators are advised to build and boot new kernels after applying these fixes.

NetBSD has fixed this vulnerability in their main source tree, but has not released official fixes or a new kernel version. Administrators may install a snapshot or download diffs from the NetBSD cvs server (webcvs URL available in the references section).

OpenBSD OpenBSD 2.9:

OpenBSD patch 2.9 007_kernexec.patch:

Download

OpenBSD OpenBSD 2.8:

OpenBSD patch 2.8 030_kernexec.patch:

Download


Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »