headers
NetBSD Security-Officer | 4 Sep 2008 23:52
Picon

NetBSD Security Advisory 2008-011: ICMPv6 MLD query


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

		 NetBSD Security Advisory 2008-011
		 =================================

Topic:		ICMPv6 MLD query

Version:	NetBSD-current:		affected
		NetBSD 4.0:		affected
		NetBSD 3.1.*:		not affected
		NetBSD 3.1:		not affected
		NetBSD 3.0.*:		not affected
		NetBSD 3.0:		not affected

Severity:	Denial of service

Fixed:		NetBSD-current:		August 22, 2008
		NetBSD-4-0 branch:	August 23, 2008
			(4.0.1 will include the fix)
		NetBSD-4 branch:	August 23, 2008
			(4.1 will include the fix)

Abstract
========

A malformed ICMPv6 MLD (RFC 2710) query directed at a NetBSD host can 
result in a denial of service (system panic).
(Continue reading)

Permalink | Reply | 0 comments |
headers
NetBSD Security-Officer | 15 Sep 2008 23:03
Picon

NetBSD Security Advisory 2008-012: Denial of service issues in racoon(8)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

		 NetBSD Security Advisory 2008-012
		 =================================

Topic:		Denial of service issues in racoon(8)

Version:	NetBSD-current:		affected
		NetBSD 4.0:		affected
		NetBSD 3.1.*:		not affected
		NetBSD 3.1:		not affected
		NetBSD 3.0.*:		not affected
		NetBSD 3.0:		not affected

Severity:	Denial of service

Fixed:		NetBSD-current:		August 12, 2008
		NetBSD-4-0 branch:	August 18, 2008
			(4.0.1 will include the fix)
		NetBSD-4 branch:	August 18, 2008
			(4.1 will include the fix)
		pkgsrc:			ipsec-tools-0.7.1 corrects the issue

Abstract
========

Currently racoon(8) does not remove orphaned ph1s initiated by a remote side.
As a result of this a potential denial of service issue can occur.
(Continue reading)

Permalink | Reply | 0 comments |

Gmane