Subject: Re: [Full-disclosure] NetBSD all versions FireWire IOCTL kernel integer overflow information disclousure
To: Lubomir Kundrak <>
From: Manuel Bouyer <>
List: tech-security
Date: 11/16/2006 13:58:59
On Thu, Nov 16, 2006 at 01:35:43PM +0100, Lubomir Kundrak wrote:

Note that the fw nodes are not created by default in /dev.
Also MAKEDEV create them 660 root:operator so you have to be in group
operator to exploit this (unless you change the permissions). In this
case you can also do a lot of other things (like read raw disk devices).

Manuel Bouyer <>
     NetBSD: 26 ans d'experience feront toujours la difference