Security Issues with NetBSD
Results 1 to 4 of 4

Thread: Security Issues with NetBSD

  1. #1
    Senior Member
    Join Date
    Aug 2002
    Posts
    115

    Exclamation Security Issues with NetBSD

    NetBSD has just recently disclosed a list of serveral security issues. I have compiled the list w\ workarounds and made them available in the message attachment. Just trying to give a heads up.

    All information via Security Mailing

    Sec Issues:

    Buffer overrun in libc/libresolv DNS resolver
    Buffer overrun in setlocale
    Bug in NFS server code allows remote denial of service
    Repeated TIOCSCTTY ioctl can corrupt session hold counts
    Multiple security isses with kfd daemon
    Sun RPC XDR decoder contains buffer overflow
    Symlink race in pppd
    Multiple vulnerabilities in OpenSSL code


    This was useful to me, as I have an older NetBSD 1.5 box. There are some 1.6 problems too.
    Civilization. The death of dreams.

  2. #2
    Senior Member
    Join Date
    Sep 2001
    Posts
    1,027
    Just wondering, how many here have/run one or more netbsd boxes (besides digitalgadfly!

    (I don't... I use OpenBSD...)

    Ammo
    Credit travels up, blame travels down -- The Boss

  3. #3
    Senior Member
    Join Date
    Dec 2001
    Posts
    291
    I actually prefer netbsd and other bsd variants to other O/S distro's... it's quite stable.. and honestly considering netbsd went under and was purchased... time between patches has increased dramatically.

    if you were to wait as long as was spent before the release of this bug information with any other O/S whether M$ or linux driven you would probably have a list similar or even longer.

    Just my opinion, unfortunately since NetBSD as a full on entity is no more, I have moved to Free and Open BSD.... sadly.....
    ~THEJRC~
    I\'ll preach my pessimism right out loud to anyone that listens!
    I\'m not afraid to be alive.... I\'m afraid to be alone.

  4. #4
    Senior Member
    Join Date
    Aug 2002
    Posts
    115
    I regularly use Slackware 8.1 and FreeBSD 4.6. My friends and I run an NetBSD personal server and I must agree that NetBSD has gone downhill over time. I am not worried because there are enough free *nix OS out there to keep me happy.
    Civilization. The death of dreams.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •