Thursday, March 15, 2007

Core Security Team finds bug in OpenBSD

OpenBSD is considered one of the most secure operating systems because of the approach taken to writing it: every bit of code is audited before it is released. The bug reported here is only the second severe bug in the history of OpenBSD, and it is a big deal. The Core Security team educated the OpenBSD team on how crashes in the kernel can be exploited.

Basically, the OpenBSD team insisted that the worst that could happen was that the system would crash. The Core team insisted that they shouldn't make that assumption, then took up the challenge and worked up a proof-of-concept exploit.

Here's the summary: a malformed IPv6 packet can be sent to an OpenBSD system causing arbitrary code to run on that system.

The fix: block IPv6 traffic, either with a firewall in front of the OpenBSD system or with the firewall rules on the system itself. Better than either of those workarounds is to update your kernel, which requires applying a patch.

In my opinion, IPv6 implementations on all operating systems have not undergone the same kind of testing as IPv4 implementations and are therefore a security risk. If you don't specifically use IPv6, you should seriously consider blocking it at your firewall.
