File:  [NetBSD Developer Wiki] / wikisrc / users / spz / secref2.mdwn
Revision 1.2: download - view: text, annotated - select for diffs
Sat Jan 21 03:00:14 2012 UTC (10 years, 10 months ago) by schmonz
Branches: MAIN
CVS tags: HEAD
Better living through less markup, fix meta title directives and a
broken link, wrap long lines that aren't table rows. Might benefit
from a template.

[[!meta title="Security Vulnerability Reference List"]]
# Security Vulnerability Reference List

Affected files, fix dates for specific releases and fixed versions
can be found through the 'Fixed in Releases' link.

[[!table data="""
Identifier|Topic|Impact|Fixed in HEAD|Fixed in Releases|Advisory
[[CVE-2010-3613|]]|BIND DoS due to improper handling of RRSIG records|remote DoS|20101202|[[20110123|secref2/20110123]]|[[2011-001|]]
[[CVE-2011-0014|]]|OpenSSL TLS extension parsing race condition|DoS, info leak|20110211|[[20110217|secref2/20110217]]|[[2011-002|]]
-|Exhausting kernel memory from user controlled value|local DoS|20110304|[[20110307|secref2/20110307]]|[[2011-003|]]
[[CVE-2011-1547|]]|Kernel stack overflow via nested IPCOMP packet|remote DoS|20110401|[[20110403|secref2/20110403]]|[[2011-004|]]
[[CVE-2011-0997|]]|ISC dhclient environment sanitizing|remote script execution|20110406|[[20110407|secref2/20110407]]|[[2011-005|]]
[[CVE-2011-2464|]]|BIND DoS via packet with rrtype zero|remote DoS|20110706|[[20110716|secref2/20110716]]|[[2011-006|]]
[[CVE-2011-2895|]]|LZW decoding loop on manipulated compressed files|DoS, info leak|20110816|[[20110819|secref2/20110819]]|[[2011-007|]]
[[CVE-2011-4122|]]|OpenPAM privilege escalation|privilege escalation|20111109|[[20111119|secref2/20111119]]|[[2011-008|]]
[[CVE-2011-4313|]]|BIND resolver DoS|remote DoS|20111116|[[20111120|secref2/20111120]]|[[2011-009|]]
[[CVE-2011-4862|]]|telnetd unchecked encryption key length|remote code execution|20111223|[[20111231|secref2/20111231]]|
[[CVE-2010-1166|]]|incorrect macro definition in Xrender|auth user DoS + remote code execution|20111230|[[20120101|secref2/20120101]]|

CVSweb for NetBSD wikisrc <> software: FreeBSD-CVSweb