Slashdot Mirror

← Back to Stories (view on slashdot.org)

FreeBSD security Advisories: FreeBSD-SA-03:09.sign

Posted by Hemos on from the alert-alert-alert dept.

Dan writes "FreeBSD security team has released two new advisories. The first advisory entitled "Insufficient range checking of signal numbers" could allow a malicious local user to use this vulnerability as a local denial-of-service attack. The second advisory "Kernel memory disclosure via ibcs2" could allow a malicious user to call the iBCS2 version of statfs(2) with an arbitrarily large length parameter, causing the kernel to return a large portion of kernel memory containing sensitive information."

2 of 78 comments (clear)

  1. sensitive information by patch-rustem · · Score: 5, Funny
    ... to return a large portion of kernel memory containing sensitive information.

    What, like the sys admins porn collection.

    --
    Karma: Bad due to google bombing - Robert Watkins woz 'ere.
  2. Bias in topic titles?? Never!! by Anonymous Coward · · Score: 5, Funny

    It's sort of interesting that this FreeBSD vulnerability is headlined with such a cryptic title. Now, if it were a vulnerability in Windows, it would probably have been titled 'New Windows Exploit crushes small furry animals mercilessly.'