[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: OpenBSD rootkit?

To: Theo de Raadt <deraadt@cvs.openbsd.org>
Subject: Re: OpenBSD rootkit?
From: Przemyslaw Frasunek <venglin@freebsd.lublin.pl>
Date: Sun, 14 Jul 2002 11:59:13 +0200
Cc: tech@openbsd.org
Content-Disposition: inline
References: <20020714094425.GA48873@lagoon.freebsd.lublin.pl> <200207140955.g6E9t5JH022178@cvs.openbsd.org>
User-Agent: Mutt/1.4i

On Sun, Jul 14, 2002, Theo de Raadt wrote:
> > This claim is wrong, OpenSSH was vulnerable to CRC32 integer overflow
> > two years ago.
> But if we recall, OpenBSD was not vulnerable in that case because we

It was *probably* not exploitable, but still *vulnerable*. Be more
careful with such statements.

> got lucky with our malloc.

'Our' malloc? It's phkmalloc from FreeBSD.

-- 
* Fido: 2:480/124 ** WWW: http://www.frasunek.com/ ** NIC-HDL: PMF9-RIPE *
* Inet: przemyslaw@frasunek.com ** PGP: D48684904685DF43EA93AFA13BE170BF *

Follow-Ups:
- Re: OpenBSD rootkit?
  - From: Theo de Raadt <deraadt@cvs.openbsd.org>

References:
- Re: OpenBSD rootkit?
  - From: Przemyslaw Frasunek <venglin@freebsd.lublin.pl>
- Re: OpenBSD rootkit?
  - From: Theo de Raadt <deraadt@cvs.openbsd.org>

Prev by Date: Re: OpenBSD rootkit?
Next by Date: Re: OpenBSD rootkit?
Prev by thread: Re: OpenBSD rootkit?
Next by thread: Re: OpenBSD rootkit?
Index(es):
- Date
- Thread