version 1.25, 2002/07/30 16:26:10 |
version 1.26, 2002/07/30 17:27:49 |
|
|
<ul> |
<ul> |
<a name=ssl></a> |
<a name=ssl></a> |
<li><font color=#009000><strong>030: SECURITY FIX: July 30, 2002</strong></font><br> |
<li><font color=#009000><strong>030: SECURITY FIX: July 30, 2002</strong></font><br> |
Several remote buffer overflows can occur in the SSL2 server and SSL3 client of the <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssl&sektion=8">ssl(8)</a> library, as in the ASN.1 parser code in the <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=crypto&sektion=3">crypto(3)</a> library, all of them being potentially remotely exploitable. |
Several remote buffer overflows can occur in the SSL2 server and SSL3 client of the |
|
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssl&sektion=8">ssl(8)</a> |
|
library, as in the ASN.1 parser code in the |
|
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=crypto&sektion=3">crypto(3)</a> |
|
library, all of them being potentially remotely exploitable.<br> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.0/common/030_ssl.patch">A source code patch exists which remedies the problem</a>. |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.0/common/030_ssl.patch">A source code patch exists which remedies the problem</a>. |
<p> |
<p> |
<a name=xdr></a> |
<a name=xdr></a> |
<li><font color=#009000><strong>029: SECURITY FIX: July 29, 2002</strong></font><br> |
<li><font color=#009000><strong>029: SECURITY FIX: July 29, 2002</strong></font><br> |
A buffer overflow can occur in the <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=xdr_array&sektion=3">xdr_array(3)</a> RPC code, leading to possible remote crash.<br> |
A buffer overflow can occur in the |
|
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=xdr_array&sektion=3">xdr_array(3)</a> |
|
RPC code, leading to possible remote crash.<br> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.0/common/029_xdr.patch">A source code patch exists which remedies the problem</a>. |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.0/common/029_xdr.patch">A source code patch exists which remedies the problem</a>. |
<p> |
<p> |
<a name=pppd></a> |
<a name=pppd></a> |
<li><font color=#009000><strong>028: SECURITY FIX: July 29, 2002</strong></font><br> |
<li><font color=#009000><strong>028: SECURITY FIX: July 29, 2002</strong></font><br> |
A race condition exists in the <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pppd&sektion=8">pppd(8)</a> daemon which may cause it to alter the file permissions of an arbitrary file.<br> |
A race condition exists in the |
|
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pppd&sektion=8">pppd(8)</a> |
|
daemon which may cause it to alter the file permissions of an arbitrary file.<br> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.0/common/028_pppd.patch">A source code patch exists which remedies the problem</a>. |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.0/common/028_pppd.patch">A source code patch exists which remedies the problem</a>. |
<p> |
<p> |
<a name=isakmpd2></a> |
<a name=isakmpd2></a> |