On Sun, May 07, 2000 at 11:44:14AM +0100, Cyber Hunter wrote:
> Does anyone know anything about the vulnerability found by the group LSD in
> the x86 systems ? That has helped them to win the Argus Event ?
> http://www.argus-systems.com/events/infosec/#Rules
>
> I would like to study this.
Probably from the 2001-002 NetBSD advisory, see below
for the start of it (bugtraq archives, netbsd site, etc. for
the whole thing). It specifically mentions that Solaris x86
has the same problem mentioned in the advisory.
-eric
---
NetBSD Security Advisory 2001-002
=================================
Topic: Vulnerability in x86 USER_LDT validation.
Version: All versions of NetBSD, on the i386 platform ONLY.
Severity: Local users may execute code with system priveleges
Fixed: NetBSD-current: January 16, 2001
NetBSD-1.5 branch: January 17, 2001
NetBSD-1.4 branch: January 17, 2001
---
