On Wed, 11 Nov 2009, Eygene Ryabinkin wrote:
> Date: Wed, 11 Nov 2009 22:37:44 +0300
> From: Eygene Ryabinkin <[email protected]>
> To: Damian Weber <[email protected]>
> Cc: Bjoern A. Zeeb <[email protected]>,
>     [email protected], [email protected],
>     Oliver Pinter <[email protected]>
> Subject: Re: 2009-07-20 FreeBSD 7.2 (pecoff executable) Local Denial of
>     Service Exploit 23 R D Shaun Colley
>
> Wed, Nov 11, 2009 at 07:14:48PM +0100, Damian Weber wrote:
> > FWIW, I got another result on 6.4-STABLE
> >
> > FreeBSD mymachine.local 6.4-STABLE FreeBSD 6.4-STABLE #6: Sat Oct 3
> > 13:06:12 CEST 2009 [email protected]:/usr/obj/usr/src/sys/MYMACHINE
> > i386
> >
> > $ ./pecoff
> > MZaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa????aaaa
> > [I'm truncating here, ~3500 a's follow]aaaaa: File name too long
>
> You have no pecoff module loaded or compiled-in to the kernel,
> do you? Your "File name too long" is spat out by the shell,
> so it was not handled by the PE loader at all.

Confirmed. The code crashes the 6.4-stable machine when the pecoff module is loaded.

Wojciech A. Koszek wrote:
> I think the best way would be to remove PECOFF from 6.x and 7.x.

Now, I'm inclined to think that, too ;-)

-- Damian
