# $NetBSD$ # # FORMAT 1.0.0 # # Note: NEVER remove entries from this file; this should document # *all* known system vulnerabilities so it is entirely appropriate to # have multiple entries in this file for a single utility/library etc. # # New entries should be added at the end of this file. # # Run "make upload" after the commit, so that ftp.NetBSD.org # can have the latest copy of the file. # # If you have comments/additions/corrections, please contact # security-alert@NetBSD.org. # # version vulnerability vul # utility get major type sev URL /netbsd get-ident 20060523 local-system-crash 75 ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2006-016.txt.asc /usr/libexec/sendmail/sendmail get-mtime 20060530 denial-of-service 60 ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2006-017.txt.asc /usr/games/dm get-ident 20060608 privilege-escalation 50 ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2006-018.txt.asc /usr/games/sail get-ident 20060608 privilege-escalation 50 ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2006-018.txt.asc /usr/games/tetris get-ident 20060608 privilege-escalation 50 ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2006-018.txt.asc /netbsd get-ident 20060827 kernel-buffer-overrun 65 ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2006-019.txt.asc /usr/X11R6/lib/libXfont.a get-objdump 20060823 integer-overflow 40 ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2006-020.txt.asc /usr/X11R6/lib/libXfont.a get-objdump 20060828 integer-overflow 40 ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2006-021.txt.asc /usr/sbin/named get-mtime 20060823 denial-of-service 65 ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2006-022.txt.asc /usr/lib/libcrypto.a get-objdump 20060906 PKCS-credential-forgery 75 ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2006-023.txt.asc #CHECKSUM SHA1 d4d5a7a6d4d70dd71422ebed9b6ce165642cf29b