Slashdot Mirror


Remote Exploit Discovered for OpenBSD

An anonymous reader writes "OpenBSD is known for its security policies, and for its boast of "only one remote exploit in over 10 years". Well, make that two, because Core Security has found a remotely exploitable buffer overflow in the OpenBSD kernel. Upgrade your firewalls as soon as possible."

8 of 338 comments (clear)

  1. Heh by cyberbob2351 · · Score: 5, Funny
    From TFA:

    Remotely Exploitable: Yes
    Locally Exploitable: No
    That right there is the biggest slap in the face! Everyone should have the freedom to fux0r their own machine!

    Opensource my ass...
    --
    for sale
    I'm a self-modifying sig virus
  2. It's a feature by andy314159pi · · Score: 4, Funny

    Vulnerability Description
    The OpenBSD kernel contains a memory corruption vulnerability in the code that handles IPv6 packets. Exploitation of this vulnerability can result in:
    1) Remote execution of arbitrary code at the kernel level on the vulnerable systems (complete system compromise), or;
    2) Remote denial of service attacks against vulnerable systems (system crash due to a kernel panic)

    I think they just found the Windows2003 Server Emulator.
  3. Re:Well done, the OpenBSD team. by Leto-II · · Score: 5, Funny

    Could this be a sign of overconfidence in the Linux community?


    Not really, since this has nothing to do with Linux. It's OpenBSD, not Linux.
    --
    Do not anger the worm.
  4. Holy Cow, an OpenBSD Vuln? by Anonymous Coward · · Score: 5, Funny

    Thank GOD I run the company webserver on NT!

  5. Re:Moo by noz · · Score: 4, Funny

    See! I told you ipv6 was evil!
    You mean ipv666 don't you?
  6. Time to make a list... by Anonymous Coward · · Score: 5, Funny

    -The Sox won the world series
    -The Pope died
    -Mac got Intel chips
    -The Berlin Wall came down
    -I out-lived 4 cats
    -Man walked on the moon
    -I got laid
    and...
    -BSD had a hole

    1. Re:Time to make a list... by bytesex · · Score: 5, Funny

      Do the facts that you got laid and that BSD had a hole have anything to do with each other ? Just asking - kids these days...

      --
      Religion is what happens when nature strikes and groupthink goes wrong.
  7. Re:Well done, the OpenBSD team. by Tom · · Score: 5, Funny

    It is when basically the only thing your OS does "in the default install" is allow SSH logins. Which is more remote access than a default install of Windos contains. ;-)

    Ok, make that "more intentional remote access"...
    --
    Assorted stuff I do sometimes: Lemuria.org