Subject: Re: vvopenbsd.c exploit for kern_exec.c
To: Jeremy C. Reed <>
From: Jason R Thorpe <>
List: tech-security
Date: 06/15/2001 13:43:33
On Fri, Jun 15, 2001 at 01:36:36PM -0700, Jeremy C. Reed wrote:

 > Can anyone confirm if this problem exists in NetBSD?

The problem did exist in NetBSD, and I committed a fix this morning.
I wrote the security advisory a little while ago, and it should be
out soon.

 > The exploit uses su -- is this exploit doable for users not in the wheel
 > group?


        -- Jason R. Thorpe <>