Protect your corporate IT network from hackers and other unwanted intruders with Proxy Sentinel™. Click here for all the details and get the peace of mind you deserve.
Back to our Homepage Proxy Sentinel™ high performance Internet proxy server and secure firewall solution Firewall Sentinel™ secure & powerful Internet firewall solution About Internet Security.ca and GCIS Frequently Asked Questions on Internet security issues Internet Security Industry News - Stay informed of what's happening Contact Internet Security.ca today and order your Proxy Sentinel™ or Firewall Sentinel™ server now!

Security flaw in Free BSD provides root access

Add to del.icio.us     Digg this story Digg this

December 9, 2009

A critical security hole in the latest version of FreeBSD can be exploited to grant unprivileged users absolute full control over the operating system.

It has just been discovered that a critical security hole in the latest version of FreeBSD can be exploited to grant unprivileged users absolute full control over the operating system, a German researcher said Dec. 7.

The security bug is present in FreeBSD 8.0 and is known to affect versions 7.1 and 7.2 of the open-source OS as well, Nikolaos Rangos, a spokesperson for FreeBSD.


Rangos added that it was "unbelievably simple" to exploit. Shortly after he disclosed the flaw, other researchers said they were able to confirm the critical security flaw by replicating it on their own systems.

The security flaw resides in FreeBSD's so-called run-time link editor. A binary run by an unprivileged Unix user can be executed with administrative privileges in a restricted environment, Rangos said.

Click here to order the best dedicated server and at a great price.

This would allow the user to obtain complete root access to the operating system.

All that's required to run the exploit code, which Rangos included in his post, is any standard SSH command shell.

To exploit the flaw, hackers and potential attackers would need local access to the vulnerable computer or server. To use the attack code remotely, it's conceivable it could be used in concert with another vulnerability, such as one residing in an Internet application running on the machine.

FreeBSD security officer Colin Percival said his team was the first to have heard of the reported vulnerability. The team is currently investigating, and will probably come up with a fix sooner rather than later.

"The security hole is in the most recent versions of FreeBSD and normally local root vulnerabilities are quickly patched by the FreeBSD maintainers," Percival said.

Overall, FreeBSD is an advanced operating system for x86 compatible, including Pentium® and Athlon™ CPUs, AMD 64 compatible including Opteron™, Athlon™64, and EM64T, ARM, IA-64, PowerPC, PC-98 and UltraSPARC® architectures.

It is derived from BSD, the version of the Unix® operating system developed at the University of California, Berkeley.

FreeBSD is developed and maintained by a large team of individuals. Additional platforms are in various stages of development.

FreeBSD offers networking, performance, security and compatibility features today which are still missing in other operating systems, even some of the best commercial ones, the company claims.

Add to del.icio.us     Digg this story Digg this

Source: FreeBSD.

Save Internet Security.ca's URL to the list of your favorite web sites in your Web browser by clicking here.

Become an authorized reseller of Proxy Sentinel™ and Firewall Sentinel™. Do like the rest of our authorized resellers and have your clients benefit the important security features of our products and solutions, while increasing your sales at the same time. Click here for all the details.


You can link to the Internet Security web site as much as you like. Read our section on how your company can participate in our reciprocal link exchange program and increase your rankings in the major search engines such as
Google and all the others.

Click here to order your Proxy Sentinel™ Internet security server today!

Proxy Sentinel™ is the most secure Internet proxy server on the market today. Click here for more information.
Site optimized by Pagina+™
Powered by Sun Hosting
Search engine keywords by Rank for Sales
Development platform by My Web Services
Internet Security.ca is listed in
Global Business Listing

| Home | Proxy Sentinel™ | Firewall Sentinel™ | FAQ | News | Sitemap | Contact |
Copyright © Internet Security.ca    Terms of use    Privacy agreement    Legal disclaimer



Install your server in Sun Hosting's modern colocation center in Montreal. Get all the details by clicking here.


Get your Linux or Windows dedicated server today.


The industry's best and most accurate tool to find out EXACTLY what your CORRECT keywords are. Click here to learn more.