posted by Thom Holwerda on Thu 9th Aug 2007 17:02 UTC, submitted by Joe User
University of Cambridge researcher Robert Watson has published a paper at the First USENIX Workshop On Offensive Technology in which he describes serious vulnerabilities in OpenBSD's Systrace, Sudo, Sysjail, the TIS GSWTK framework, and CerbNG. The technique is also effective against many commercially available anti-virus systems. His slides include sample exploit code that bypasses access control, virtualization, and intrusion detection in under 20 lines of C code consisting solely of memcpy() and fork(). Sysjail has now withdrawn their software, recommending against any use, and NetBSD has disabled Systrace by default in their upcoming release.
Related Articles
posted by Amjith Ramanujam on Mon 25th Aug 2008 21:40
posted by Amjith Ramanujam on Sat 16th Aug 2008 01:04, submitted by sharkscott
posted by Amjith Ramanujam on Mon 11th Aug 2008 16:13, submitted by gonzo