[nycbug-talk] Cambridge Researcher Breaks OpenBSD Systrace
Peter Wright
pete at nomadlogic.org
Thu Aug 9 17:07:18 EDT 2007
> Link: http://it.slashdot.org/it/07/08/09/138224.shtml
>
> An anonymous reader writes "University of Cambridge researcher Robert
> Watson has published a paper at the First USENIX Workshop On Offensive
> Technology in which he describes serious vulnerabilities in OpenBSD's
> Systrace, Sudo, Sysjail, the TIS GSWTK framework, and CerbNG. The
> technique is also effective against many commercially available
> anti-virus systems. His slides include sample exploit code that
> bypasses access control, virtualization, and intrusion detection in
> under 20 lines of C code consisting solely of memcpy() and fork().
> Sysjail has now withdrawn their software, recommending against any
> use, and NetBSD has disabled Systrace by default in their upcoming
> release."
>
i read the paper this morning - it's quite interesting read actually:
http://www.watson.org/~robert/2007woot/2007usenixwoot-exploitingconcurrency.pdf
http://www.watson.org/~robert/2007woot/
-p
--
~~oO00Oo~~
Peter Wright
pete at nomadlogic.org
www.nomadlogic.org/~pete
310.869.9459
More information about the talk
mailing list