BugTraq
Re: Sun M-class hardware denial of service Sep 09 2008 09:04PM
B 650 (dunc on usenet googlemail com) (2 replies)
Re: Sun M-class hardware denial of service Sep 09 2008 10:09PM
Bob Beck (beck ualberta ca)
Re: Sun M-class hardware denial of service Sep 09 2008 09:27PM
Theo de Raadt (deraadt cvs openbsd org) (3 replies)
Re: Sun M-class hardware denial of service Sep 10 2008 07:01PM
Florian Weimer (fw deneb enyo de) (1 replies)
Re: Sun M-class hardware denial of service Sep 11 2008 06:07AM
Curtis Maloney (cmaloney cardgate net)
Re: Sun M-class hardware denial of service Sep 10 2008 02:07PM
Micheal Patterson (micheal rhacq com)
RE: Sun M-class hardware denial of service Sep 10 2008 12:41PM
Michael Wojcik (Michael Wojcik MicroFocus com)
> From: Theo de Raadt [mailto:deraadt (at) cvs.openbsd (dot) org]
> Sent: Tuesday, 09 September, 2008 17:28
> To: B 650
> Cc: bugtraq (at) securityfocus (dot) com
>
> > I apologise if I'm misunderstanding you, but it seems to me that this
> > issue can only be initiated by a privileged user on a domain.
>
> If one domain can be broken into, and a Solaris kernel module
> is loaded which then crashes that one domain, the entire
> machine eventually has to be powered off to recover that one domain.

I agree with Theo. This is a privilege-escalation DOS attack, pure and
simple. A user with sufficient privilege in one domain, but not
necessarily in others, can 1) force that domain down for an extended
time, and/or 2) force all domains down.

"Privilege" isn't an absolute; there are degrees of privilege, and this
bug lets a user do more damage than their degree of privilege should
allow.

--
Michael Wojcik
Principal Software Systems Developer, Micro Focus
