version 1.244, 2003/03/31 09:05:09 |
version 1.245, 2003/05/17 03:21:11 |
|
|
<li><a href=errata26.html#xlockmore>May 25, 2000: |
<li><a href=errata26.html#xlockmore>May 25, 2000: |
xlockmore has a bug which a localhost attacker can use to gain |
xlockmore has a bug which a localhost attacker can use to gain |
access to the encrypted root password hash (which is normally |
access to the encrypted root password hash (which is normally |
encoded using blowfish (see |
encoded using blowfish</a> (see |
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=crypt&sektion=3"> |
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=crypt&sektion=3"> |
crypt(3)</a>) |
crypt(3)</a>) |
(patch included).</a> |
(patch included). |
<li><a href=errata26.html#procfs>Jan 20, 2000: |
<li><a href=errata26.html#procfs>Jan 20, 2000: |
Systems running with procfs enabled and mounted are |
Systems running with procfs enabled and mounted are |
vulnerable to a very tricky exploit. procfs is not |
vulnerable to a very tricky exploit. procfs is not |