version 1.87, 1998/03/31 23:24:26 |
version 1.88, 1998/03/31 23:26:27 |
|
|
<a name=named></a> |
<a name=named></a> |
<li><font color=#009000><strong>SECURITY FIX</strong></font><br> |
<li><font color=#009000><strong>SECURITY FIX</strong></font><br> |
A vulnerability exists when (and only when) /etc/named.conf has the |
A vulnerability exists when (and only when) /etc/named.conf has the |
<strong>fake-iquery</strong> option enabled. |
<strong>fake-iquery</strong> option enabled. |
<a href=ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.2/common/named.patch> |
<a href=ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.2/common/named.patch> |
A patch is available which corrects this behaviour</a>. |
A patch is available which corrects this behaviour</a>. |
<p> |
<p> |
|
|
<li><font color=#009000><strong>SECURITY FIX</strong></font><br> |
<li><font color=#009000><strong>SECURITY FIX</strong></font><br> |
A vulnerability exists in ping(8); if the -R option is used to record |
A vulnerability exists in ping(8); if the -R option is used to record |
routes, an attacker can spoof a reply packet that will overflow inside |
routes, an attacker can spoof a reply packet that will overflow inside |
ping. |
ping. Preliminary investigation makes it look the worst attack |
|
possible is to make ping crash, but one never knows... |
<a href=ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.2/common/ping.patch> |
<a href=ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.2/common/ping.patch> |
A patch is available which corrects this behaviour</a>. |
A patch is available which corrects this behaviour</a>. |
<p> |
<p> |
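Review bot: the sentence added to the ping(8) entry in 1.88, "Preliminary investigation makes it look the worst attack possible is to make ping crash, but one never knows...", is missing words and leaves the impact statement ambiguous. Suggest something like "Preliminary investigation suggests the worst possible attack is to make ping crash, but a more serious impact has not been ruled out", so readers understand they should apply ping.patch either way. The ping entry also has no anchor of the kind the named entry carries (<a name=named></a>), so it cannot be linked to directly; consider adding one in the same style.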