In association with heise online

29 August 2006, 11:22

Four updates for OpenBSD

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

The developers of OpenBSD have released updates to remove four vulnerabilities. An error in the ISAKMP service, for example, can under certain circumstances related to the negotiating of SAs lead to IPSec working without replay protection. An attacker could then resend intercepted packets back into the connection without the service noticing the inappropriate sequence numbers.

There is also another problem in the kernel: too many allocated semaphores provoking a kernel panic. The updates also close a hole in the DHCP server acknowledged three weeks ago as well as a DoS vulnerability in Sendmail. OpenBSD 3.8 and 3.9 are affected.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit