============================================================================= CERT(sm) Vendor-Initiated Bulletin VB-96.04 March 18, 1996 Topic: BSD/OS 2.0/2.0.1 kernel vulnerability Source: Berkeley Software Design, Inc. To aid in the wide distribution of essential security information, the CERT Coordination Center is forwarding the following information from Berkeley Software Design, Inc. (BSDI), who urges you to act on this information as soon as possible. BSDI contact information is included in the forwarded text below; please contact them if you have any questions or need further information. ========================FORWARDED TEXT STARTS HERE============================ ============================================================================= Security Advisory Berkeley Software Design, Inc. Topic: BSD/OS 2.0/2.0.1 kernel vulnerability Number: 1996-03-05 Date: March 5, 1996 Patch: ftp://ftp.bsdi.com/bsdi/patches/patches-2.0.1/K201-008 ============================================================================= I. Background A bug was found in an unused portion of the ptrace code in BSD/OS 2.0 and 2.0.1 that caused a system vulnerability. The bug is not present in the current release, BSD/OS 2.1. BSDI is not aware of anyone who is actively exploiting this bug. All BSDI customers with current support contracts were mailed floppies containing the patch for this problem. Customers without current support contracts can and should download the patch from the ftp server. II. Problem Description Permssion checking for an unused operation was incorrect. III. Impact The problem could allow local users to control privileged processes, and could thus allow users to acquire unauthorized permissions. This vulnerability can only be exploited by users with a valid account on the local system. IV. Solution(s) Install BSDI patch K201-008 on all BSD/OS 2.0 or 2.0.1 systems, or upgrade to BSD/OS 2.1. ============================================================================= Berkeley Software Design, Inc. 5579 Tech Center Drive, Suite 110 Colorado Springs, CO 80919 Web Site: http://www.bsdi.com/ BSDI Support: +1 800 ITS BSD8 / +1 719 536 9346 Support Email: support@bsdi.com PGP Key: ftp://ftp.bsdi.com/bsdi/info/pgp_key =========================FORWARDED TEXT ENDS HERE============================= CERT publications, information about FIRST representatives, and other security-related information are available for anonymous FTP from ftp://info.cert.org/pub/ CERT advisories and bulletins are also posted on the USENET newsgroup comp.security.announce To be added to our mailing list for CERT advisories and bulletins, send your email address to cert-advisory-request@cert.org If you believe that your system has been compromised, contact the CERT Coordination Center or your representative in the Forum of Incident Response and Security Teams (FIRST). If you wish to send sensitive incident or vulnerability information to CERT staff by electronic mail, we strongly advise you to encrypt your message. We can support a shared DES key or PGP. Contact the CERT staff for more information. Location of CERT PGP key ftp://info.cert.org/pub/CERT_PGP.key CERT Contact Information ------------------------ Email cert@cert.org Phone +1 412-268-7090 (24-hour hotline) CERT personnel answer 8:30-5:00 p.m. EST (GMT-5)/EDT(GMT-4), and are on call for emergencies during other hours. Fax +1 412-268-6989 Postal address CERT Coordination Center Software Engineering Institute Carnegie Mellon University Pittsburgh PA 15213-3890 USA CERT is a service mark of Carnegie Mellon University.