[20512] in bugtraq
Re: x86 vulnerability ?
daemon@ATHENA.MIT.EDU (Thomas Dullien)
Mon Apr 30 13:10:57 2001
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Message-ID: <20010430072234.16EC824C3FE@lists.securityfocus.com>
Date: Tue, 1 May 2001 10:21:56 +0200
Reply-To: Thomas Dullien <dullien@gmx.de>
From: Thomas Dullien <dullien@gmx.de>
X-To: Eric Hall <info@DARKART.COM>
To: BUGTRAQ@SECURITYFOCUS.COM
On Tue, 24 Apr 2001 16:27:33 -0700, Eric Hall wrote:
>On Sun, May 07, 2000 at 11:44:14AM +0100, Cyber Hunter wrote:
>> Does anyone know anything about the vulnerability found by the group LSD in
>> the x86 systems ? That has helped them to win the Argus Event ?
>> http://www.argus-systems.com/events/infosec/#Rules
>>
>> I would like to study this.
>
> Probably from the 2001-002 NetBSD advisory, see below
>for the start of it (bugtraq archives, netbsd site, etc. for
>the whole thing). It specifically mentions that Solaris x86
>has the same problem mentioned in the advisory.
The original poster asked about priviledge escalation under NT/2k,
and as AFAIK there is no LDT in which an attacker can create
callgates, I doubt this is applicable to NT/2k.
Cheers,
Thomas
