-----BEGIN PGP SIGNED MESSAGE-----

=============================================================================
CERT(sm) Vendor-Initiated Bulletin VB-96.04
March 18, 1996

Topic:  BSD/OS 2.0/2.0.1 kernel vulnerability
Source: Berkeley Software Design, Inc.

To aid in the wide distribution of essential security information, the CERT
Coordination Center is forwarding the following information from Berkeley
Software Design, Inc. (BSDI), who urges you to act on this information as soon
as possible. BSDI contact information is included in the forwarded text below;
please contact them if you have any questions or need further information.


========================FORWARDED TEXT STARTS HERE============================

=============================================================================
Security Advisory
Berkeley Software Design, Inc.

Topic:  BSD/OS 2.0/2.0.1 kernel vulnerability
Number: 1996-03-05
Date:   March 5, 1996
Patch:  ftp://ftp.bsdi.com/bsdi/patches/patches-2.0.1/K201-008
=============================================================================


I.   Background    
     
     A bug was found in an unused portion of the ptrace code in
     BSD/OS 2.0 and 2.0.1 that caused a system vulnerability.  The
     bug is not present in the current release, BSD/OS 2.1.  BSDI
     is not aware of anyone who is actively exploiting this bug.

     All BSDI customers with current support contracts were mailed
     floppies containing the patch for this problem.  Customers
     without current support contracts can and should download the
     patch from the ftp server.


II.  Problem Description

     Permssion checking for an unused operation was incorrect.


III. Impact

     The problem could allow local users to control privileged
     processes, and could thus allow users to acquire unauthorized
     permissions.

     This vulnerability can only be exploited by users with a valid
     account on the local system.


IV. Solution(s)

     Install BSDI patch K201-008 on all BSD/OS 2.0 or 2.0.1 systems,
     or upgrade to BSD/OS 2.1.


=============================================================================
Berkeley Software Design, Inc.
5579 Tech Center Drive, Suite 110
Colorado Springs, CO 80919

Web Site:       http://www.bsdi.com/
BSDI Support:   +1 800 ITS BSD8  /  +1 719 536 9346
Support Email:  support@bsdi.com
PGP Key:        ftp://ftp.bsdi.com/bsdi/info/pgp_key

=========================FORWARDED TEXT ENDS HERE=============================

CERT publications, information about FIRST representatives, and other
security-related information are available for anonymous FTP from
        ftp://info.cert.org/pub/

CERT advisories and bulletins are also posted on the USENET newsgroup
        comp.security.announce

To be added to our mailing list for CERT advisories and bulletins, send your
email address to
        cert-advisory-request@cert.org

If you believe that your system has been compromised, contact the CERT
Coordination Center or your representative in the Forum of Incident Response
and Security Teams (FIRST).  

If you wish to send sensitive incident or vulnerability information to CERT
staff by electronic mail, we strongly advise you to encrypt your message.
We can support a shared DES key or PGP. Contact the CERT staff for more
information.

Location of CERT PGP key
         ftp://info.cert.org/pub/CERT_PGP.key


CERT Contact Information
- ------------------------
Email    cert@cert.org

Phone    +1 412-268-7090 (24-hour hotline)
                CERT personnel answer 8:30-5:00 p.m. EST
                (GMT-5)/EDT(GMT-4), and are on call for
                emergencies during other hours.

Fax      +1 412-268-6989

Postal address
        CERT Coordination Center
        Software Engineering Institute
        Carnegie Mellon University
        Pittsburgh PA 15213-3890
        USA

CERT is a service mark of Carnegie Mellon University.


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMaMvC3VP+x0t4w7BAQGY1gP8CFguURNtnh1MSia2LcpZdd6Nz+fkdID7
JNbMyqSdkFQsKn52w7cnUOeAehTiwsSfr0Mzjra2J3q1c8I5d1BDNb7SyC+U7Xxu
lsdAyZKVCspwPJoO97i6wa9WMicdZ2Hl1aqSVMve3/XCdN5RQlf2RvtxPcYNFKlA
smrhyFW2NAg=
=k0Mk
-----END PGP SIGNATURE-----