Puget Sound Technology Linux • Open Source • BSD  
TrainingSupport & Administration  
 

Binary Updates for NetBSD/i386 1.6

  • binary-update.NetBSD-1.6-i386-libkvm-20020917
     libkvm close-on-exec issue (2002-09-16)
     local users may be able to read kernel memory via libkvm applications
     ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:39.libkvm.asc
    
  • binary-update.NetBSD-1.6-i386-smrsh-20021001
     Sendmail smrsh bypass vulnerabilities (01/Oct/2002)
     bypass smrsh restrictions and run other non-approved commands
     http://www.sendmail.org/smrsh.adv.txt
    
  • binary-update.NetBSD-1.6-i386-rogue-20021001
     Rogue games issue (28/Sep/2002)
     users can edit games scores and bypass quotas via rogue overflow
     http://online.securityfocus.com/archive/1/293582/2002-09-25/2002-10-01/0
    
  • binary-update.NetBSD-1.6-i386-SA2002-022-pic
     NetBSD Security Advisory 2002-022
     possible remote root compromise via lpd (pic argument buffer overrun)
     http://online.securityfocus.com/bid/3103
    
  • binary-update.NetBSD-1.6-i386-SA2002-019-ntalkd
     NetBSD Security Advisory 2002-019
     possible local root compromise via ntalkd buffer overrun
     ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-019.txt.asc
    
  • binary-update.NetBSD-1.6-i386-SA2002-026-kadmind
     NetBSD Security Advisory 2002-026
     remote buffer overflow in Heimdal Kerberos kadmind, resulting in root exploit
     http://www.pdc.kth.se/heimdal/
    
  • binary-update.NetBSD-1.6-i386-SA2002-025-trek
     NetBSD Security Advisory 2002-025
     trek game buffer overrun
     ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-025.txt.asc
    
  • binary-update.NetBSD-1.6-i386-SA2002-024-ipf
     NetBSD Security Advisory 2002-024
     IP Filter FTP proxy module vulnerability
     ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-024.txt.asc
    
  • binary-update.NetBSD-1.6-i386-bind-20021112
     BIND remote exploit and DoS vulnerabilities (2002-11-12)
     possible remote compromise and denial of service issues in BIND
     http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21469
    
  • binary-update.NetBSD-1.6-i386-SA2002-027-ftpd
     NetBSD Security Advisory 2002-027
     ftpd STAT output non-conformance can deceive firewall devices
     http://www.kb.cert.org/vuls/id/328867
    
  • binary-update.NetBSD-1.6-i386-SA2002-028-libc
     NetBSD Security Advisory 2002-028
     possible remote root compromise; buffer overrun in getnetbyname/getnetbyaddr
     http://www.isc.org/products/BIND/bind-security.html
    
  • binary-update.NetBSD-1.6-i386-cvs-20030120
     CVS remote vulnerability (2003-01-20)
     possible remote root compromise via cvs server (double-free)
     http://security.e-matters.de/advisories/012003.html
    
  • binary-update.NetBSD-1.6-i386-openssl-20030222
     OpenSSL timing-based attack issue (2003-02-19)
     possible information leak via timing-based attack on CBC SSL/TLS ciphers
     http://www.openssl.org/news/secadv_20030219.txt
    
  • binary-update.NetBSD-1.6-i386-SA2003-002-sendmail
     NetBSD Security Advisory 2003-002
     possible remote root compromise via sendmail (malformed header)
     http://www.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21950
    
  • binary-update.NetBSD-1.6-i386-SA2003-003-file
     NetBSD Security Advisory 2003-003
     locally exploitable buffer overflow in file(1)
     http://www.idefense.com/advisory/03.04.03.txt
    
  • binary-update.NetBSD-1.6-i386-zlib-20030312 (12/Mar/2003)
     zlib buffer overrun vulnerability (2003-02-22)
     possible denial of service or code execution via zlib buffer overflow
     http://online.securityfocus.com/archive/1/312869
     NetBSD Security Advisory 2003-004 (26/Mar/2003)
    
  • NetBSD-1.6-i386-openssl-20030324 (24/Mar/2003)
     OpenSSL RSA timing (2003-03-17) and Klima-Pokorny-Rosa attacks (2003-03-19)
     possible remote recovery of an RSA secret key and possible RSA vulnerability
     ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:06.openssl.asc
     NetBSD Security Advisory 2003-005 and SA2003-007 (26/Mar/2003)
    
  • NetBSD-1.6-i386-SA2003-006-kerberos
     NetBSD Security Advisory 2003-006
     possible remote root compromise from cryptographic weaknesses in Kerberos v4
     http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-004-krb4.txt
    
  • NetBSD-1.6-i386-SA2003-009-sendmail
     NetBSD Security Advisory 2003-009
     possible DoS and remote root compromise via sendmail server (parser overrun)
     http://www.securityfocus.com/archive/1/316773/2003-03-27/2003-04-02/0
    

Note that sometimes the application or library version is not changed. Also be sure to restart daemons or running software as applicable.

 
Home | About | Services | Training | Hosting | Contact