[VIM] grsecurity/PaX dispute of Digital Armaments claims
Steven M. Christey
coley at linus.mitre.org
Wed Jan 17 16:08:41 EST 2007
There was a followup to Bugtraq I know, but here's something more direct:
http://grsecurity.net/news.php#digitalfud
"The company in question is the same company that claimed a Linux 2.6.x
remote root which never came to fruition... As the PaX team has
mentioned on the forums (see
http://forums.grsecurity.net/viewtopic.php?t=1643), the function they
claim the vulnerability to be in is a trivial function, which can, and
has been, easily checked for any supposed vulnerabilities...
it can safely be said that these vulnerability claims are pure
attention-seeking FUD for a shady company."
- Steve
======================================================
Name: CVE-2007-0253
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0253
Reference: MISC:http://forums.grsecurity.net/viewtopic.php?t=1646
Reference: MISC:http://grsecurity.net/news.php#digitalfud
Reference: MISC:http://www.digitalarmaments.com/news_news.shtml
** DISPUTED **
Unspecified vulnerability in the grsecurity patch has unspecified
impact and remote attack vectors, a different vulnerability than the
expand_stack vulnerability from the Digital Armaments 20070110
pre-advisory. NOTE: the grsecurity developer has disputed this issue,
stating that "the function they claim the vulnerability to be in is a
trivial function, which can, and has been, easily checked for any
supposed vulnerabilities." The developer also cites a past disclosure
that was not proven.
======================================================
Name: CVE-2007-0257
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0257
Reference: BUGTRAQ:20070111 Digital Armaments Security Pre-Advisory 11.01.2007: Grsecurity Kernel PaX - Local root vulnerability
Reference: URL:http://www.securityfocus.com/archive/1/archive/1/456626/100/0/threaded
Reference: MISC:http://forums.grsecurity.net/viewtopic.php?t=1646
Reference: MISC:http://grsecurity.net/news.php#digitalfud
Reference: MISC:http://www.digitalarmaments.com/news_news.shtml
Reference: MISC:http://www.digitalarmaments.com/pre2007-00018659.html
Reference: BID:22014
Reference: URL:http://www.securityfocus.com/bid/22014
Reference: FRSIRT:ADV-2007-0155
Reference: URL:http://www.frsirt.com/english/advisories/2007/0155
Reference: SECUNIA:23713
Reference: URL:http://secunia.com/advisories/23713
** DISPUTED **
Unspecified vulnerability in the expand_stack function in grsecurity
PaX allows local users to gain privileges via unspecified vectors.
NOTE: the grsecurity developer has disputed this issue, stating that
"the function they claim the vulnerability to be in is a trivial
function, which can, and has been, easily checked for any supposed
vulnerabilities." The developer also cites a past disclosure that was
not proven.