| version 1.124, 2000/05/23 20:58:20 |
version 1.125, 2000/05/25 07:39:27 |
|
|
| |
|
| <p> |
<p> |
| <ul> |
<ul> |
| |
<li><a href=errata.html#procfs>May 25, 2000: |
| |
xlockmore has a bug which a localhost attacker can use to gain |
| |
access to the encrypted root password hash (which is normally |
| |
encoded using blowfish (see |
| |
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=crypt&sektion=3"> |
| |
crypt(3)</a>) |
| |
(patch included).</a> |
| <li><a href=errata.html#procfs>Jan 20, 2000: |
<li><a href=errata.html#procfs>Jan 20, 2000: |
| Systems running with procfs enabled and mounted are |
Systems running with procfs enabled and mounted are |
| vulnerable to a very tricky exploit. procfs is not |
vulnerable to a very tricky exploit. procfs is not |
| mounted by default. |
mounted by default. |
| (patch included).</a> |
(patch included).</a> |
| <li><a href=errata.html#ifmedia>Nov 9, 1999: |
<li><a href=errata.html#ifmedia>Nov 9, 1999: |
| Any user could change interface media configurations |
Any user could change interface media configurations, resulting in |
| |
a localhost denial of service attack. |
| (patch included).</a> |
(patch included).</a> |
| <li><a href=errata.html#sslUSA>Dec 2, 1999: |
<li><a href=errata.html#sslUSA>Dec 2, 1999: |
| A buffer overflow in the RSAREF code included in the |
A buffer overflow in the RSAREF code included in the |
![[BACK]](/icons/back.gif){kind=icon}
Return to security.html CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / www