| version 1.55, 2013/10/26 15:21:13 |
version 1.56, 2014/02/27 17:26:45 |
|
|
| <a href="errata51.html">5.1</a>, |
<a href="errata51.html">5.1</a>, |
| <a href="errata52.html">5.2</a>, |
<a href="errata52.html">5.2</a>, |
| <a href="errata53.html">5.3</a>, |
<a href="errata53.html">5.3</a>, |
| <a href="errata54.html">5.4</a>. |
<a href="errata54.html">5.4</a>, |
| |
<a href="errata55.html">5.5</a>. |
| <br> |
<br> |
| <hr> |
<hr> |
| |
|
|
|
| <p> |
<p> |
| <li><a name="isakmpd3"></a> |
<li><a name="isakmpd3"></a> |
| <font color="#009000"><strong>024: SECURITY FIX: June 10, 2004</strong></font><br> |
<font color="#009000"><strong>024: SECURITY FIX: June 10, 2004</strong></font><br> |
| As |
As |
| <a href="http://seclists.org/lists/fulldisclosure/2004/Jun/0191.html">disclosed</a> |
<a href="http://seclists.org/lists/fulldisclosure/2004/Jun/0191.html">disclosed</a> |
| by Thomas Walpuski |
by Thomas Walpuski |
| <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=isakmpd&apropos=0&sektion=8&manpath=OpenBSD+Current&arch=i386&format=html">isakmpd(8)</a> |
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=isakmpd&apropos=0&sektion=8&manpath=OpenBSD+Current&arch=i386&format=html">isakmpd(8)</a> |
|
|
| has established a cross-realm trust with their realm. The flaw is due to |
has established a cross-realm trust with their realm. The flaw is due to |
| inadequate checking of the "transited" field in a Kerberos request. For |
inadequate checking of the "transited" field in a Kerberos request. For |
| more details see <a href="http://www.pdc.kth.se/heimdal/advisory/2004-04-01/"> |
more details see <a href="http://www.pdc.kth.se/heimdal/advisory/2004-04-01/"> |
| Heimdal's announcement</a>. |
Heimdal's announcement</a>. |
| <br> |
<br> |
| <a |
<a |
| href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.4/common/022_kerberos.patch"> |
href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.4/common/022_kerberos.patch"> |
|
|
| A source code patch exists which remedies the problem</a>.<br> |
A source code patch exists which remedies the problem</a>.<br> |
| <p> |
<p> |
| <li><a name="sysvshm"></a> |
<li><a name="sysvshm"></a> |
| <font color="#009000"><strong>010: SECURITY FIX: February 5, 2004</strong></font><br> |
<font color="#009000"><strong>010: SECURITY FIX: February 5, 2004</strong></font><br> |
| A reference counting bug exists in the |
A reference counting bug exists in the |
| <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=shmat&apropos=0&sektion=2&manpath=OpenBSD+Current&format=html">shmat(2)</a> |
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=shmat&apropos=0&sektion=2&manpath=OpenBSD+Current&format=html">shmat(2)</a> |
| system call that could be used by an attacker to write to kernel memory |
system call that could be used by an attacker to write to kernel memory |
|
|
| A source code patch exists which remedies the problem</a>.<br> |
A source code patch exists which remedies the problem</a>.<br> |
| <p> |
<p> |
| <li><a name="isakmpd"></a> |
<li><a name="isakmpd"></a> |
| <font color="#009000"><strong>009: SECURITY FIX: January 13, 2004</strong></font><br> |
<font color="#009000"><strong>009: SECURITY FIX: January 13, 2004</strong></font><br> |
| Several message handling flaws in |
Several message handling flaws in |
| <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=isakmpd&apropos=0&sektion=8&manpath=OpenBSD+Current&arch=i386&format=html">isakmpd(8)</a> |
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=isakmpd&apropos=0&sektion=8&manpath=OpenBSD+Current&arch=i386&format=html">isakmpd(8)</a> |
| have been reported by Thomas Walpuski. These allow an attacker to delete arbitrary SAs. The patch also |
have been reported by Thomas Walpuski. These allow an attacker to delete arbitrary SAs. The patch also |
|
|
| <p> |
<p> |
| <li><a name="uvm"></a> |
<li><a name="uvm"></a> |
| <font color="#009000"><strong>007: RELIABILITY FIX: November 20, 2003</strong></font><br> |
<font color="#009000"><strong>007: RELIABILITY FIX: November 20, 2003</strong></font><br> |
| It is possible for a local user to cause a crash via |
It is possible for a local user to cause a crash via |
| <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sysctl&apropos=0&sektion=3&manpath=OpenBSD+Current&arch=i386&format=html">sysctl(3)</a> with certain arguments. |
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sysctl&apropos=0&sektion=3&manpath=OpenBSD+Current&arch=i386&format=html">sysctl(3)</a> with certain arguments. |
| <br> |
<br> |
| <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.4/common/007_uvm.patch"> |
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.4/common/007_uvm.patch"> |
|
|
| <br> |
<br> |
| |
|
| <hr> |
<hr> |
| <a href=index.html><img height=24 width=24 src=back.gif border=0 alt=OpenBSD></a> |
<a href=index.html><img height=24 width=24 src=back.gif border=0 alt=OpenBSD></a> |
| <a href="mailto:www@openbsd.org">www@openbsd.org</a> |
<a href="mailto:www@openbsd.org">www@openbsd.org</a> |
| <br><small>$OpenBSD$</small> |
<br><small>$OpenBSD$</small> |
| |
|
![[BACK]](/icons/back.gif){kind=icon}
Return to errata34.html CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / www