FreeBSD-SA-04:05.openssl question
Rostislav Krasny
rosti_bsd at yahoo.com
Wed Mar 17 16:45:00 PST 2004
Hello there.
The FreeBSD-SA-04:05.openssl Security Advisory announced a
"null-pointer assignment during SSL handshake" DoS vulnerability.
However, the OpenSSH Security Advisory of 17 March 2004 announced the
same vulnerability with one more vulnerability. Look at
http://www.openssl.org/news/secadv_20040317.txt
Isn't FreeBSD vulnerable to the second "Out-of-bounds read affects
Kerberos ciphersuites" security problem?
Thanks
__________________________________
Do you Yahoo!?
Yahoo! Mail - More reliable, more storage, less spam
http://mail.yahoo.com
More information about the freebsd-security
mailing list