FreeBSD has issued a patch that may or may not be the final fix for a vulnerability that allows someone with local access on a network to run binary code with the help of the FreeBSD run-time link editor and gain root access.
Intruders could possibly use other vulnerabilities (such as one in a web application) to exploit the vulnerability.
German researcher Nikolaos Rangos posted information about the flaw on Full Disclosure mailing list. It affects FreeBSD versions 7.1, 7.2 and 8.0. FreeBSD is an open-source operating system.
Story here.
FreeBSD advisory here.
Tom Kelchner