Touche! I can contribute several hours a week to this effort with the
caveat that I wasn't too successful in finding the original fix which
spawned this thread.
Cheers,
Dan
On 10/19/06, Lars Hansson <[EMAIL PROTECTED]> wrote:
>
> Podo Carp wrote:
> > I love the fact that OpenBSD does not compro
Podo Carp wrote:
I love the fact that OpenBSD does not compromise the fundamental security
and design principles upon which it was founded. Adding clearer
documentation of OpenBSD's superior security can only enhance its
reputation
Are you volunteering to do the work?
---
Lars Hansson
Hi Joe,
I see that some errata information has CVE included (probably those
disclosed before OpenBSD fixed them). Where this information is absent, I
am not confident that the errata details are relevant. In the case of the
SSL problem, there was a patch released around the time of the original
On Wed, Oct 18, 2006 at 05:09:12PM +0200, ropers wrote:
> On 18/10/06, stuartv <[EMAIL PROTECTED]> wrote:
> >I have one firewall that is on an external audit/scan list that the people
> >who actually do our audits don't believe really even exists because they
> >can't even find it. Basically it
Podo Carp wrote:
Thanks Steve,
The scanner does indeed rely on banners (which can be completely unreliable
especially on OpenBSD). However, I would like them to not knock over my
servers trying to confirm the problem if I can easily determine that the
patches are irrelevant. Of course this is
On 18/10/06, stuartv <[EMAIL PROTECTED]> wrote:
I have one firewall that is on an external audit/scan list that the people
who actually do our audits don't believe really even exists because they
can't even find it. Basically it has EVERYTHING locked down tight as a drum
and allows only a few
Podo,
Around here I have had to write up "exception" documents for our OpenBSD
servers when we get stuff like this on security audit/scans. Imagine the
pain in the ass it is to have to convince a non-technical supervisor that
the "HIGH LEVEL" vulnerability (that in one case only affected Debian
L
Thanks Steve,
The scanner does indeed rely on banners (which can be completely unreliable
especially on OpenBSD). However, I would like them to not knock over my
servers trying to confirm the problem if I can easily determine that the
patches are irrelevant. Of course this is a greater problem
Podo Carp wrote:
I recently underwent an audit of my OpenBSD 3.8 systems and the audit report
identified CVE-2004-0700 (mod-proxy/mod_ssl format string vulnerability) as
a potential risk.
Perhaps your scanner relies on reported versions, rather than actual
vulnerabilities?
If I'm reading the
Greetings,
I recently underwent an audit of my OpenBSD 3.8 systems and the audit report
identified CVE-2004-0700 (mod-proxy/mod_ssl format string vulnerability) as
a potential risk. Given the age of the problem and the proactive patching
stance of OpenBSD, I suspect this has been fixed for some t