Multics on HIS 645 Unlocked Stack Base Master Mode Privilege Escalation

1974-06-01T22:31:21
ID OSVDB:22134
Type osvdb
Reporter OSVDB
Modified 1974-06-01T22:31:21

Description

Vulnerability Description

Multics contains a flaw that may allow a local user to elevate privileges. The issue is due to a flaw in the unlocked stack base system. It is possible for an attacker to manipulate the signaller to enter at location 0 with an invalid index register before setting the stack pointer to an area of extraneous storage in a link segment (such as emergency_shutdown.link). This could allow an attacker to place custom code in the link that would be executed with ring0 privileges.

Solution Description

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Short Description

Multics contains a flaw that may allow a local user to elevate privileges. The issue is due to a flaw in the unlocked stack base system. It is possible for an attacker to manipulate the signaller to enter at location 0 with an invalid index register before setting the stack pointer to an area of extraneous storage in a link segment (such as emergency_shutdown.link). This could allow an attacker to place custom code in the link that would be executed with ring0 privileges.

References:

Related OSVDB ID: 22128 Related OSVDB ID: 22136 Related OSVDB ID: 22129 Related OSVDB ID: 22132 Related OSVDB ID: 22130 Related OSVDB ID: 22133 Related OSVDB ID: 22135 Related OSVDB ID: 22131 Other Advisory URL: http://csrc.nist.gov/publications/history/karg74.pdf Other Advisory URL: http://cnscenter.future.co.kr/resource/rsc-center/vendor-wp/ibm/RC22534.pdf Keyword: karg74