version 1.242, 2003/03/24 19:21:05 |
version 1.243, 2003/03/26 01:16:40 |
|
|
|
|
<p> |
<p> |
<ul> |
<ul> |
<li><a href=errata.html#kerberos>March 24, 2003: |
<li><a href=errata32.html#kerberos>March 24, 2003: |
A cryptographic weaknesses in the Kerberos v4 protocol can be |
A cryptographic weaknesses in the Kerberos v4 protocol can be |
exploited on Kerberos v5 as well.</a> |
exploited on Kerberos v5 as well.</a> |
<li><a href=errata.html#kpr>March 19, 2003: |
<li><a href=errata32.html#kpr>March 19, 2003: |
OpenSSL is vulnerable to an extension of the ``Bleichenbacher'' attack |
OpenSSL is vulnerable to an extension of the ``Bleichenbacher'' attack |
designed by Czech researchers Klima, Pokorny and Rosa.</a> |
designed by Czech researchers Klima, Pokorny and Rosa.</a> |
<li><a href=errata.html#blinding>March 18, 2003: |
<li><a href=errata32.html#blinding>March 18, 2003: |
Various SSL and TLS operations in OpenSSL are vulnerable to |
Various SSL and TLS operations in OpenSSL are vulnerable to |
timing attacks.</a> |
timing attacks.</a> |
<li><a href=errata.html#lprm>March 5, 2003: |
<li><a href=errata32.html#lprm>March 5, 2003: |
A buffer overflow in lprm(1) may allow an attacker to elevate |
A buffer overflow in lprm(1) may allow an attacker to elevate |
privileges to user daemon.</a>. |
privileges to user daemon.</a>. |
<li><a href=errata.html#sendmail>March 3, 2003: |
<li><a href=errata32.html#sendmail>March 3, 2003: |
A buffer overflow in the envelope comments processing in |
A buffer overflow in the envelope comments processing in |
sendmail(8) may allow an attacker to gain root privileges.</a> |
sendmail(8) may allow an attacker to gain root privileges.</a> |
<li><a href=errata.html#httpd>February 25, 2003: |
<li><a href=errata32.html#httpd>February 25, 2003: |
httpd(8) leaks file inode numbers via ETag header as well as |
httpd(8) leaks file inode numbers via ETag header as well as |
child PIDs in multipart MIME boundary generation. This could |
child PIDs in multipart MIME boundary generation. This could |
lead, for example, to NFS exploitation because it uses inode |
lead, for example, to NFS exploitation because it uses inode |
numbers as part of the file handle.</a> |
numbers as part of the file handle.</a> |
<li><a href=errata.html#ssl>February 22, 2003: |
<li><a href=errata32.html#ssl>February 22, 2003: |
In ssl(8) an information leak can occur via timing by performing |
In ssl(8) an information leak can occur via timing by performing |
a MAC computation even if incorrect block cipher padding has |
a MAC computation even if incorrect block cipher padding has |
been found, this is a countermeasure. Also, check for negative |
been found, this is a countermeasure. Also, check for negative |
sizes, in allocation routines.</a> |
sizes, in allocation routines.</a> |
<li><a href=errata.html#cvs>January 20, 2003: |
<li><a href=errata32.html#cvs>January 20, 2003: |
A double free exists in cvs(1) that could lead to privilege |
A double free exists in cvs(1) that could lead to privilege |
escalation for cvs configurations where the cvs command is |
escalation for cvs configurations where the cvs command is |
run as a privileged user.</a> |
run as a privileged user.</a> |
<li><a href=errata.html#named>November 14, 2002: |
<li><a href=errata32.html#named>November 14, 2002: |
A buffer overflow exists in named(8) that could lead to a |
A buffer overflow exists in named(8) that could lead to a |
remote crash or code execution as user named in a chroot jail.</a> |
remote crash or code execution as user named in a chroot jail.</a> |
<li><a href=errata.html#pool>November 6, 2002: |
<li><a href=errata32.html#pool>November 6, 2002: |
A logic error in the pool kernel memory allocator could cause |
A logic error in the pool kernel memory allocator could cause |
memory corruption in low-memory situations, causing the system |
memory corruption in low-memory situations, causing the system |
to crash.</a> |
to crash.</a> |
<li><a href=errata.html#smrsh>November 6, 2002: |
<li><a href=errata32.html#smrsh>November 6, 2002: |
An attacker can bypass smrsh(8)'s restrictions and execute |
An attacker can bypass smrsh(8)'s restrictions and execute |
arbitrary commands with the privileges of his own account.</a> |
arbitrary commands with the privileges of his own account.</a> |
<li><a href=errata.html#pfbridge>November 6, 2002: |
<li><a href=errata32.html#pfbridge>November 6, 2002: |
Network bridges running pf with scrubbing enabled could cause |
Network bridges running pf with scrubbing enabled could cause |
mbuf corruption, causing the system to crash.</a> |
mbuf corruption, causing the system to crash.</a> |
<li><a href=errata.html#kadmin>October 21, 2002: |
<li><a href=errata32.html#kadmin>October 21, 2002: |
A buffer overflow can occur in the kadmind(8) daemon, leading |
A buffer overflow can occur in the kadmind(8) daemon, leading |
to possible remote crash or exploit.</a> |
to possible remote crash or exploit.</a> |
</ul> |
</ul> |