===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/security.html,v
retrieving revision 1.242
retrieving revision 1.243
diff -c -r1.242 -r1.243
*** www/security.html 2003/03/24 19:21:05 1.242
--- www/security.html 2003/03/26 01:16:40 1.243
***************
*** 196,244 ****
! - March 24, 2003:
A cryptographic weaknesses in the Kerberos v4 protocol can be
exploited on Kerberos v5 as well.
!
- March 19, 2003:
OpenSSL is vulnerable to an extension of the ``Bleichenbacher'' attack
designed by Czech researchers Klima, Pokorny and Rosa.
!
- March 18, 2003:
Various SSL and TLS operations in OpenSSL are vulnerable to
timing attacks.
!
- March 5, 2003:
A buffer overflow in lprm(1) may allow an attacker to elevate
privileges to user daemon..
!
- March 3, 2003:
A buffer overflow in the envelope comments processing in
sendmail(8) may allow an attacker to gain root privileges.
!
- February 25, 2003:
httpd(8) leaks file inode numbers via ETag header as well as
child PIDs in multipart MIME boundary generation. This could
lead, for example, to NFS exploitation because it uses inode
numbers as part of the file handle.
!
- February 22, 2003:
In ssl(8) an information leak can occur via timing by performing
a MAC computation even if incorrect block cipher padding has
been found, this is a countermeasure. Also, check for negative
sizes, in allocation routines.
!
- January 20, 2003:
A double free exists in cvs(1) that could lead to privilege
escalation for cvs configurations where the cvs command is
run as a privileged user.
!
- November 14, 2002:
A buffer overflow exists in named(8) that could lead to a
remote crash or code execution as user named in a chroot jail.
!
- November 6, 2002:
A logic error in the pool kernel memory allocator could cause
memory corruption in low-memory situations, causing the system
to crash.
!
- November 6, 2002:
An attacker can bypass smrsh(8)'s restrictions and execute
arbitrary commands with the privileges of his own account.
!
- November 6, 2002:
Network bridges running pf with scrubbing enabled could cause
mbuf corruption, causing the system to crash.
!
- October 21, 2002:
A buffer overflow can occur in the kadmind(8) daemon, leading
to possible remote crash or exploit.
--- 196,244 ----
! - March 24, 2003:
A cryptographic weaknesses in the Kerberos v4 protocol can be
exploited on Kerberos v5 as well.
!
- March 19, 2003:
OpenSSL is vulnerable to an extension of the ``Bleichenbacher'' attack
designed by Czech researchers Klima, Pokorny and Rosa.
!
- March 18, 2003:
Various SSL and TLS operations in OpenSSL are vulnerable to
timing attacks.
!
- March 5, 2003:
A buffer overflow in lprm(1) may allow an attacker to elevate
privileges to user daemon..
!
- March 3, 2003:
A buffer overflow in the envelope comments processing in
sendmail(8) may allow an attacker to gain root privileges.
!
- February 25, 2003:
httpd(8) leaks file inode numbers via ETag header as well as
child PIDs in multipart MIME boundary generation. This could
lead, for example, to NFS exploitation because it uses inode
numbers as part of the file handle.
!
- February 22, 2003:
In ssl(8) an information leak can occur via timing by performing
a MAC computation even if incorrect block cipher padding has
been found, this is a countermeasure. Also, check for negative
sizes, in allocation routines.
!
- January 20, 2003:
A double free exists in cvs(1) that could lead to privilege
escalation for cvs configurations where the cvs command is
run as a privileged user.
!
- November 14, 2002:
A buffer overflow exists in named(8) that could lead to a
remote crash or code execution as user named in a chroot jail.
!
- November 6, 2002:
A logic error in the pool kernel memory allocator could cause
memory corruption in low-memory situations, causing the system
to crash.
!
- November 6, 2002:
An attacker can bypass smrsh(8)'s restrictions and execute
arbitrary commands with the privileges of his own account.
!
- November 6, 2002:
Network bridges running pf with scrubbing enabled could cause
mbuf corruption, causing the system to crash.
!
- October 21, 2002:
A buffer overflow can occur in the kadmind(8) daemon, leading
to possible remote crash or exploit.
***************
*** 1039,1045 ****
www@openbsd.org
! $OpenBSD: security.html,v 1.242 2003/03/24 19:21:05 millert Exp $