===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata38.html,v
retrieving revision 1.14
retrieving revision 1.15
diff -u -r1.14 -r1.15
--- www/errata38.html 2006/09/09 03:30:07 1.14
+++ www/errata38.html 2006/09/09 13:05:53 1.15
@@ -106,7 +106,7 @@
014: SECURITY FIX: September 2, 2006 All architectures
Due to the failure to correctly validate LCP configuration option lengths,
it is possible for an attacker to send LCP packets via an
-sppp(4)
+sppp(4)
connection causing the kernel to panic.
CVE-2006-4304
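Review bot: The removed and added "sppp(4)" lines are identical as displayed, so what this hunk changes cannot be checked from the text alone. If the difference is in the markup around the manual page reference, say so in the commit log and confirm that the reference still resolves to section 4.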
@@ -117,9 +117,9 @@
013: SECURITY FIX: August 25, 2006 All architectures
A problem in
-isakmpd(8)
+isakmpd(8)
caused IPsec to run partly without replay protection. If
-isakmpd(8)
+isakmpd(8)
was acting as responder during SA negotiation, SA's with a replay window of size 0 were created.
An attacker could reinject sniffed IPsec packets, which will be accepted without checking the
replay counter.
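Review bot: In the unchanged context line "was acting as responder during SA negotiation, SA's with a replay window of size 0 were created", the plural is written with an apostrophe. Since this entry is being edited anyway, change "SA's" to "SAs". The next sentence also mixes tenses ("could reinject ... which will be accepted"); "which would be accepted" reads consistently.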
@@ -140,9 +140,9 @@
011: SECURITY FIX: August 25, 2006 All architectures
Due to an off-by-one error in
-dhcpd(8),
+dhcpd(8),
it is possible to cause
-dhcpd(8)
+dhcpd(8)
to exit by sending a DHCPDISCOVER packet with a 32-byte client identifier option.
CVE-2006-3122
@@ -162,9 +162,8 @@
009: SECURITY FIX: July 30, 2006 All architectures
-httpd
-(8)
-'s mod_rewrite has a potentially exploitable off-by-one buffer overflow.
+httpd(8)'s
+mod_rewrite has a potentially exploitable off-by-one buffer overflow.
The buffer overflow may result in a vulnerability which, in combination
with certain types of Rewrite rules in the web server configuration files,
could be triggered remotely. The default install is not affected by the
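Review bot: The joined line "httpd(8)'s" hangs a possessive off a manual page reference, which none of the other entries in this diff do (sppp(4), isakmpd(8) and dhcpd(8) all stand alone). Consider rewording to "mod_rewrite in httpd(8) has a potentially exploitable off-by-one buffer overflow" so the reference stays a bare name(section) token.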
@@ -296,7 +295,7 @@
www@openbsd.org
-
$OpenBSD: errata38.html,v 1.14 2006/09/09 03:30:07 brad Exp $
+
$OpenBSD: errata38.html,v 1.15 2006/09/09 13:05:53 steven Exp $