• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

OpenBSD 'rtlabel_id2name()' Local Denial of Service Vulnerability

OpenBSD is prone to a local denial-of-service vulnerability when the kernel handles a specially crafted IOCTL request.

Exploiting this issue allows attackers with local, interactive access to affected computers to trigger kernel panics, which will deny further service to legitimate users.

OpenBSD 4.2 through OpenBSD-current (as of 11 January, 2008) are vulnerable to this issue. Previous versions did not have the vulnerable IOCTL code.