Vigil@nce: HP-UX, denial of service via semaphores
April 2010 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/
SYNTHESIS OF THE VULNERABILITY
A local attacker can use semaphores, in order to stop the HP-UX
kernel.
– Severity: 1/4
– Creation date: 20/04/2010
DESCRIPTION OF THE VULNERABILITY
The semctl() and semop() system calls are used to manage System V
semaphores.
However, an error in the sequencing of semctl() and semop() panics
the kernel. Technical details are unknown.
A local attacker can therefore use semaphores, in order to stop
the HP-UX kernel.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/HP-UX-denial-of-service-via-semaphores-9599