Remote Exploit Found in OpenBSD Kernel

Impotence

Impotence

May the source be with u!
"OpenBSD is known for its security policies, and for its boast of "only one remote exploit in over 10 years". Well, make that two, because Core Security has found a remotely expolitable buffer overflow in the OpenBSD kernel. Upgrade your firewalls as soon as possible."

Source: Slashdot.org
Article: Core Security | Home

[OT]
Thats 2 in 10 years! but this one isnt exactly critical, its allready been patched and the machine has to have a ipv6 address to be vulnerable!

However, in order to exploit a vulnerable system an attacker needs to be able to inject fragmented IPv6 packets on the target system's local network. This requires direct physical/logical access to the target's local network -in which case the attacking system does not need to have a working IPv6 stack- or the ability to route or tunnel IPv6 packets to the target from a remote network.
Click to expand...
[/OT]
 
this reminds me, i got an XP update a month or so ago, lol, the funny part is that it says rate in the update this fixes a problem with activeX that fixes an issue that always your computer to be taken over remotely......
 
Thats 2 in 10 years! but this one isnt exactly critical, its allready been patched and the machine has to have a ipv6 address to be vulnerable!
Click to expand...
Luckily ipv6 is nowhere near mainstream.
 
dont be so comfortable with that statement Addis, all of my machines have ipv6 addresses on my local network, i never use them... but they all support ipv6, just there not ipv6 accessible from the internet! (just my local network :P)

Im guessing openBSD is the same, hence why the /. article states you need local network access.
 
Impotence said:
dont be so comfortable with that statement Addis, all of my machines have ipv6 addresses on my local network, i never use them... but they all support ipv6, just there not ipv6 accessible from the internet! (just my local network :P)

Im guessing openBSD is the same, hence why the /. article states you need local network access.
Click to expand...
Hence I said its nowhere near mainstream. Does using ipv6 on a local internal network make it mainstream? IMO, if it weren't for NAT we'd have it by now.
 
You must log in or register to reply here.
Back
Top