Guardian Digital Inc. > InfoCenter > Mailing List Archives > Full Disclosure
Full Disclosure Mailing List Archive
From: Evgeny Demidov (email@example.com)
Name: NetBSD kernel local vulnerabilities
There exists multiple vulnerabilities in NetBSD binary compatibility code.
1) signal number validation problems in xxx_sys_kill(),xxx_sys_sigaction() and similar syscalls
These are limited to local DoS only.
2) buffer overflows
At least one of them can be exploited to gain full super-user privilegies.
NetBSD has issued advisory - ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2004-010.txt.asc
Oct 12, 2004 - initial vendor notification