On 2006-01-27 01:42:13 +1100, Shane J Pearson wrote:
What an incredible load of tripe!...
This belongs on advocacy.
* Will H. Backman [EMAIL PROTECTED] [2006-01-26 23:15]:
By sending carefully crafted sequence of IP packet fragments, a remote
attacker can cause a system running pf with a ruleset containing a
'scrub fragment crop' or 'scrub fragment drop-ovl' rule to crash.
1: Has this been verified to
On Thu, 26 Jan 2006, Rob W wrote:
http://www.securityfocus.com/bid/16375 is minor but important enough to
report?
A way to remotly crash a OpenBSD box is minor?
If the number of systems affected is low, the answer may be yes. This
problem only exists if you enable specific scrubbing options
On Fri, Jan 27, 2006 at 10:07:33AM +0100, Otto Moerbeek wrote:
On Thu, 26 Jan 2006, Rob W wrote:
http://www.securityfocus.com/bid/16375 is minor but important enough to
report?
A way to remotly crash a OpenBSD box is minor?
If the number of systems affected is low, the answer may be
From: Chris Zakelj [EMAIL PROTECTED]
This is a denial of service, not a security exploit. Crashing a box
causes headaches, but the data within is still out of the reach of those
who would like to steal it.
It isn't important that people can crash your box remotely and make the
services provided
Rob W wrote:
From: Chris Zakelj [EMAIL PROTECTED]
This is a denial of service, not a security exploit. Crashing a box
causes headaches, but the data within is still out of the reach of those
who would like to steal it.
It isn't important that people can crash your box remotely and make
What an incredible load of tripe!...
From:http://interviews.slashdot.org/article.pl?sid=06/01/26/131246
~~~
OpenBSD
by hahiss
How is it that OpenBSD is able to be so secure by design with so few
resources and yet all of Microsoft's resources cannot stem the tide of
security problems that
Shane J Pearson wrote:
What an incredible load of tripe!...
From:http://interviews.slashdot.org/article.pl?sid=06/01/26/131246
Second, it is not completely accurate to say that OpenBSD is more
secure. If you compare vulnerability counts just from the last 3 months,
OpenBSD had 79 for
fox wrote:
Second, it is not completely accurate to say that OpenBSD is more
secure. If you compare vulnerability counts just from the last 3 months,
OpenBSD had 79 for November, December and January compared to 11 for
Microsoft (and that includes one each for Office and Exchange - so
really 9
On Fri, Jan 27, 2006 at 01:42:13AM +1100, Shane J Pearson wrote:
~~~
OpenBSD
by hahiss
How is it that OpenBSD is able to be so secure by design with so few
resources and yet all of Microsoft's resources cannot stem the tide of
security problems that impact everyone, including those of us
, January 26, 2006 9:05 AM
To: OpenBSD Misc
Subject: Re: MS Security VP Mike Nash remarks on MS vs OpenBSD security.
Shane J Pearson wrote:
What an incredible load of tripe!...
From:http://interviews.slashdot.org/article.pl?sid=06/01/26/131246
Second, it is not completely accurate to say
fox wrote:
According to http://openbsd.org/security.html, the last two releases
of OpenBSD have had 8 vulnerabilities (and that includes two that
apply to both releases - so really 6 for both releases of OpenBSD).
What about http://www.securityfocus.com/bid/16375 and
On 1/26/06, Rob W [EMAIL PROTECTED] wrote:
Is there other bugs that haven't made it to the errate page?
yes. you can find an exhaustive list here:
http://marc.theaimsgroup.com/?l=openbsd-cvsr=1w=2
but don't let the word get out. let's keep this quiet.
get it.
From: Marco Peereboom [EMAIL PROTECTED]
To: Rob W [EMAIL PROTECTED]
Subject: Re: MS Security VP Mike Nash remarks on MS vs OpenBSD security.
Date: Thu, 26 Jan 2006 13:04:55 -0600
How many times do you need to hear the same thing?
NOT ALL BUGFIXES MAKE IT TO THE ERRATA BECAUSE
Rob W wrote:
http://www.securityfocus.com/bid/16375 is minor but important enough to
report?
A way to remotly crash a OpenBSD box is minor?
From http://openbsd.org/security.html:
Security information moves very fast in cracker circles. On the other
hand, our experience is that coding and
On 1/26/06, Will H. Backman [EMAIL PROTECTED] wrote:
By sending carefully crafted sequence of IP packet fragments, a remote
attacker can cause a system running pf with a ruleset containing a
'scrub fragment crop' or 'scrub fragment drop-ovl' rule to crash.
1: Has this been verified to
Lukasz Sztachanski wrote:
On Fri, Jan 27, 2006 at 01:42:13AM +1100, Shane J Pearson wrote:
~~~
OpenBSD
by hahiss
How is it that OpenBSD is able to be so secure by design with so few
resources and yet all of Microsoft's resources cannot stem the tide of
security problems that
Rob W wrote:
What about http://www.securityfocus.com/bid/16375 and
http://docs.freebsd.org/cgi/mid.cgi?200601251013.k0PAD9lO059018 (Fixed
in cvs, but NO patch for 3.8 or 3.7 and NO security announce -
http://www.openbsd.org/cgi-bin/cvsweb/src/sys/net/if_bridge.c.diff?r1=1.147r2=1.148)
18 matches
Mail list logo