OpenBSD select() overflow exploit v1.25
Vulnerability exploited: CAN-2002-1420 - BID-5442
Category: Exploits/Local
Exploits a kernel buffer overflow that occurs when passing negative values to the select() system call. The nfds (number of file descriptors) argument to the select() system call is a signed integer. Bounds checking code in the kernel evaluates this argument in a signed context. By passing negative arguments it is possible to cause the kernel to copy a large amount of data from userspace into a buffer on the stack, overflowing the allocated space. This module exploits the vulnerability to lower the system security level to -1 and launches a level 0 agent with root privileges.
Supported Systems: OpenBSD 2.7 (i386), OpenBSD 2.8 (i386), OpenBSD 2.9 (i386), OpenBSD 3.0 (i386), OpenBSD 3.1 (i386)
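The signed bounds check described above, shown next to a hardened form. This is an added, simplified model, not OpenBSD kernel source and not part of the module; the function names, MAX_FDS, WORD_BITS and BUF_BYTES are assumptions chosen for illustration. It only computes the length that would be handed to a copy routine and never performs the copy.

```c
#include <stddef.h>
#include <stdio.h>

#define MAX_FDS   256              /* assumed descriptor-table size */
#define WORD_BITS 32               /* assumed bits per bitmap word */
#define BUF_BYTES (MAX_FDS / 8)    /* assumed fixed on-stack bitmap: 32 bytes */

/* Flawed model: only an upper bound, evaluated on a signed int. */
size_t copy_len_flawed(int nfds)
{
    if (nfds > MAX_FDS)            /* -1000 > 256 is false, so no clamp happens */
        nfds = MAX_FDS;
    /* Signed arithmetic: the byte count is negative for large negative nfds. */
    int bytes = (nfds + WORD_BITS - 1) / WORD_BITS * 4;
    return (size_t)bytes;          /* converts to a huge unsigned copy length */
}

/* Hardened model: reject negatives first, then size in unsigned arithmetic. */
int copy_len_checked(int nfds, size_t *len)
{
    if (nfds < 0)
        return -1;                 /* caller error, nothing is copied */
    size_t n = (size_t)nfds;
    if (n > MAX_FDS)
        n = MAX_FDS;
    *len = (n + WORD_BITS - 1) / WORD_BITS * 4;
    return *len <= BUF_BYTES ? 0 : -1;   /* re-check against the buffer size */
}

int main(void)
{
    int samples[] = { 8, 256, 100000, -1000 };   /* constructed inputs */
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        size_t len = 0;
        int rc = copy_len_checked(samples[i], &len);
        printf("nfds=%7d flawed_len=%zu checked=%s len=%zu\n", samples[i],
               copy_len_flawed(samples[i]), rc ? "reject" : "ok", len);
    }
    return 0;
}
```

Compiling with -Wconversion or -Wsign-conversion flags the implicit signed-to-unsigned conversions behind this class of bug.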
This module is included in the latest version of CORE IMPACT, the first automated comprehensive penetration testing product for accurately identifying information security risks.