- binary-update.NetBSD-1.6-i386-libkvm-20020917
libkvm close-on-exec issue (2002-09-16)
local users may be able to read kernel memory via libkvm applications
ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:39.libkvm.asc
- binary-update.NetBSD-1.6-i386-smrsh-20021001
Sendmail smrsh bypass vulnerabilities (01/Oct/2002)
bypass smrsh restrictions and run other non-approved commands
http://www.sendmail.org/smrsh.adv.txt
- binary-update.NetBSD-1.6-i386-rogue-20021001
Rogue games issue (28/Sep/2002)
users can edit games scores and bypass quotas via rogue overflow
http://online.securityfocus.com/archive/1/293582/2002-09-25/2002-10-01/0
- binary-update.NetBSD-1.6-i386-SA2002-022-pic
NetBSD Security Advisory 2002-022
possible remote root compromise via lpd (pic argument buffer overrun)
http://online.securityfocus.com/bid/3103
- binary-update.NetBSD-1.6-i386-SA2002-019-ntalkd
NetBSD Security Advisory 2002-019
possible local root compromise via ntalkd buffer overrun
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-019.txt.asc
- binary-update.NetBSD-1.6-i386-SA2002-026-kadmind
NetBSD Security Advisory 2002-026
remote buffer overflow in Heimdal Kerberos kadmind, resulting in root exploit
http://www.pdc.kth.se/heimdal/
- binary-update.NetBSD-1.6-i386-SA2002-025-trek
NetBSD Security Advisory 2002-025
trek game buffer overrun
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-025.txt.asc
- binary-update.NetBSD-1.6-i386-SA2002-024-ipf
NetBSD Security Advisory 2002-024
IP Filter FTP proxy module vulnerability
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-024.txt.asc
- binary-update.NetBSD-1.6-i386-bind-20021112
BIND remote exploit and DoS vulnerabilities (2002-11-12)
possible remote compromise and denial of service issues in BIND
http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21469
- binary-update.NetBSD-1.6-i386-SA2002-027-ftpd
NetBSD Security Advisory 2002-027
ftpd STAT output non-conformance can deceive firewall devices
http://www.kb.cert.org/vuls/id/328867
- binary-update.NetBSD-1.6-i386-SA2002-028-libc
NetBSD Security Advisory 2002-028
possible remote root compromise; buffer overrun in getnetbyname/getnetbyaddr
http://www.isc.org/products/BIND/bind-security.html
- binary-update.NetBSD-1.6-i386-cvs-20030120
CVS remote vulnerability (2003-01-20)
possible remote root compromise via cvs server (double-free)
http://security.e-matters.de/advisories/012003.html
- binary-update.NetBSD-1.6-i386-openssl-20030222
OpenSSL timing-based attack issue (2003-02-19)
possible information leak via timing-based attack on CBC SSL/TLS ciphers
http://www.openssl.org/news/secadv_20030219.txt
- binary-update.NetBSD-1.6-i386-SA2003-002-sendmail
NetBSD Security Advisory 2003-002
possible remote root compromise via sendmail (malformed header)
http://www.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21950
- binary-update.NetBSD-1.6-i386-SA2003-003-file
NetBSD Security Advisory 2003-003
locally exploitable buffer overflow in file(1)
http://www.idefense.com/advisory/03.04.03.txt
- binary-update.NetBSD-1.6-i386-zlib-20030312 (12/Mar/2003)
zlib buffer overrun vulnerability (2003-02-22)
possible denial of service or code execution via zlib buffer overflow
http://online.securityfocus.com/archive/1/312869
NetBSD Security Advisory 2003-004 (26/Mar/2003)
- NetBSD-1.6-i386-openssl-20030324 (24/Mar/2003)
OpenSSL RSA timing (2003-03-17) and Klima-Pokorny-Rosa attacks (2003-03-19)
possible remote recovery of an RSA secret key and possible RSA vulnerability
ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:06.openssl.asc
NetBSD Security Advisory 2003-005 and SA2003-007 (26/Mar/2003)
- NetBSD-1.6-i386-SA2003-006-kerberos
NetBSD Security Advisory 2003-006
possible remote root compromise from cryptographic weaknesses in Kerberos v4
http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-004-krb4.txt
- NetBSD-1.6-i386-SA2003-009-sendmail
NetBSD Security Advisory 2003-009
possible DoS and remote root compromise via sendmail server (parser overrun)
http://www.securityfocus.com/archive/1/316773/2003-03-27/2003-04-02/0
Note that sometimes the application or library version is not changed.
Also be sure to restart daemons or running software as applicable.