what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 1 of 1 RSS Feed

Files from Gleb Smirnoff

First Active2013-09-10
Last Active2013-09-10
FreeBSD Security Advisory - ioctl(2) Insufficient Credential Checks
Posted Sep 10, 2013
Authored by Loganaden Velvindron, Gleb Smirnoff | Site security.freebsd.org

FreeBSD Security Advisory - The ioctl(2) system call allows an application to perform device- or protocol-specific operations through a file or socket descriptor associated with a specific device or protocol. As is commonly the case, the IPv6 and ATM network layer ioctl request handlers are written in such a way that an unrecognized request is passed on unmodified to the link layer, which will either handle it or return an error code. Network interface drivers, however, assume that the SIOCSIFADDR, SIOCSIFBRDADDR, SIOCSIFDSTADDR and SIOCSIFNETMASK requests have been handled at the network layer, and therefore do not perform input validation or verify the caller's credentials. Typical link-layer actions for these requests may include marking the interface as "up" and resetting the underlying hardware. An unprivileged user with the ability to run arbitrary code can cause any network interface in the system to perform the link layer actions associated with a SIOCSIFADDR, SIOCSIFBRDADDR, SIOCSIFDSTADDR or SIOCSIFNETMASK ioctl request; or trigger a kernel panic by passing a specially crafted address structure which causes a network interface driver to dereference an invalid pointer. Although this has not been confirmed, the possibility that an attacker may be able to execute arbitrary code in kernel context can not be ruled out.

tags | advisory, arbitrary, kernel, protocol
systems | freebsd
advisories | CVE-2013-5691
SHA-256 | a5ca4fe5fc583837849cbb21a1852129d96964f3d5e07eadde7ab78f09bf4a19
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    69 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close