Page 1 of 2 12 LastLast
Results 1 to 10 of 17

Thread: OpenBSD security flaw

  1. #1
    Senior Member gore's Avatar
    Join Date
    Oct 2002
    Location
    Michigan
    Posts
    7,177

    OpenBSD security flaw

    Ahhh moments like this. After hearing "OpenBSD is the most secure OS in the world" like 90 times in the past week, I get this in my inbox:

    ______________________________________________________________________________________________________________________
    Georgi Guninski posted an advisory on his site about a remote crash in
    the OpenBSD kernel caused by connecting with a small IPv6 MTU.

    http://www.guninski.com/obsdmtu.html

    The error was present in revision 1.81 of /src/sys/netinet6/ip6_output.c
    and is fixed in revision 1.82 ( 2004/02/04 08:47:41 ), you can see the
    colored diffs at

    http://www.openbsd.org/cgi-bin/cvswe..._output.c.diff
    ?r1=text&tr1=1.81&r2=text&tr2=1.82&f=h


    OpenBSD administrators should pull the revised code from CVS and
    recompile their kernels.




    Regards

    Thor Larholm
    Senior Security Researcher
    PivX Solutions
    24 Corporate Plaza #180
    Newport Beach, CA 92660
    http://www.pivx.com
    thor@pivx.com
    Phone: +1 (949) 231-8496
    PGP: 0x5A276569
    6BB1 B77F CB62 0D3D 5A82 C65D E1A4 157C 5A27 6569

    PivX defines "Proactive Threat Mitigation". Get a FREE Beta Version of
    Qwik-Fix
    <http://www.qwik-fix.net>

    ______________________________________________________________________________________________________________________


  2. #2
    Antionline Herpetologist
    Join Date
    Aug 2001
    Posts
    1,165
    OpenBSD changed their page to say
    Only one remote hole in the default install, in more than 7 years!
    Cheers,
    cgkanchi
    Buy the Snakes of India book, support research and education (sorry the website has been discontinued)
    My blog: http://biology000.blogspot.com

  3. #3
    Senior Member
    Join Date
    Oct 2002
    Posts
    314
    Guninski's hole is a new one I think, so they may need to changed that to "only two remote holes in the default install"
    Quis custodiet ipsos custodes

  4. #4
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,323
    Uhh... I think the one remote hole is a reference to Gunski's hole, not to a previous one. This is the only one I've ever heard of, remote or local.
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  5. #5
    Senior Member
    Join Date
    Oct 2002
    Posts
    314
    I thought the first hole was an OpenSSH related exploit that appeared in 2002?(As OpenSSH is in the default installtion of OpenBSD I believe). This one is a new IPv6 hole
    Quis custodiet ipsos custodes

  6. #6
    Senior Member
    Join Date
    Oct 2002
    Posts
    314
    There are some other exploits out there for it as well, but they seem to get around them by using that "default install" line.
    Quis custodiet ipsos custodes

  7. #7
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,323
    I thought the first hole was an OpenSSH related exploit that appeared in 2002
    That would be a flaw in OpenSSH rather than OpenBSD and that particular flaw, IIRC, affected all OSes that had/used OpenSSH. This one seems specific to the OpenBSD itself.
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  8. #8
    Senior Member
    Join Date
    Sep 2001
    Posts
    1,027
    The "one remote hole" is indeed the OpenSSH one. That score referes to OpenBSD's default install, so OpenSSH is/was fare game.

    The new bug isn't considered a hole because it can't be exploited (give shell), it only crashes the box, as far as we know for now.

    Ammo
    Credit travels up, blame travels down -- The Boss

  9. #9
    Senior Member gore's Avatar
    Join Date
    Oct 2002
    Location
    Michigan
    Posts
    7,177
    Opeb BSD is nice. There is no doubt in that. But Some people take it a bit extreme at times thinking it's un hackable. No OS is like that. It's still all code waiting to crack exploited. I do like the idea of the code audits, and I think that is a reason that it has become so secure.

    Did you guys know Linux was the first OS (and perhaps it still is) the first/only OS to have a completely RFC compliant IPv4 stack? Linux's IP stack is still regarded as one of the best around.

    I posted the web site I found this on in the OS forum. It's located here:

    http://digital-domain.net/lug/unix-linux-history.html

  10. #10
    Senior Member Maestr0's Avatar
    Join Date
    May 2003
    Posts
    604
    When compared to the track record of other OS's, OpenBSD still holds the champions belt. I think 1 remotely exploitable bug and one remote DoS bug in seven years is a record I can live with (Especially given some of the competitions record). Since OpenBSD isnt used near as much as other OS's its hard to get a real accurate statistical depiction of where they fit in in the security scale, but overall there are alot of details I appreciate about the OS, for instance the IP sequence (PRNG) for OpenBSD and Linux kicks the **** out of other OS's and thats just one of many security conscious features BSD employs. No one ever said programmers didnt make mistakes, but its nice when they at least look for them BEFORE they distribute their software. (*ahem* Microsoft *ahem*)

    -Maestr0
    \"If computers are to become smart enough to design their own successors, initiating a process that will lead to God-like omniscience after a number of ever swifter passages from one generation of computers to the next, someone is going to have to write the software that gets the process going, and humans have given absolutely no evidence of being able to write such software.\" -Jaron Lanier

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •