
Only two remote holes in the default install, in more than 10 years!

n0cmonkey

Elite Member
010: SECURITY FIX: March 7, 2007 All architectures
Incorrect mbuf handling for ICMP6 packets.
Using pf(4) to avoid the problem packets is an effective workaround until the patch can be installed.
Use "block in inet6" in /etc/pf.conf

4.0 patch
3.9 patch

This is a bad one. Happy patching. 🙂
 
Looks like 2002, it was a hole in OpenSSH. A metric buttload of work went into OpenSSH after that... Everything from privilege separation to reducing the amount of code accessed by an attack.
 
Highly interesting.
What I'm thinking to myself is if that solid basis would become the basis for the Linux flavors, the problems can be with the apps for the vulnerabilities.
But, every app that needs connections with the external world, well programmed and open, normally is very solid.
I'm thinking of trying Solaris again, and trying to solve the problems that I've found before.
I have a bunch of difficulties installing drivers and KDE.

What's better?
Free/Open BSD or Solaris?
 
Originally posted by: greylica
Highly interesting.
What I'm thinking to myself is if that solid basis would become the basis for the Linux flavors, the problems can be with the apps for the vulnerabilities.
But, every app that needs connections with the external world, well programmed and open, normally is very solid.
I'm thinking of trying Solaris again, and trying to solve the problems that I've found before.
I have a bunch of difficulties installing drivers and KDE.

What's better?
Free/Open BSD or Solaris?

Free, Net, and Open are all fine. OpenBSD supports Free software, the others a bit less (blobs and all that). Solaris is fake Free, but it's fun to run sometimes. I wouldn't consider it as a good desktop though, it's a bit clumsy for that.
 
Originally posted by: CTho9305
I don't think this vuln is that bad. The attacker has to be on the local network, right?

Yeah, as far as I've read at least.
So someone would pretty much have to compromise some other neighboring box to get an attack vector.

Ah well, guess I'll update anyway, I have PF blocking most anything incoming, but it'll give me something to do.
I always keep complaining that OpenBSD is boring because it just sits there and does its thing without hand holding, so I guess I should be happy now 🙂

greylica, like n0c said, Solaris is more of a server OS, I've used it as a desktop, but I'd say any of the BSDs or most any Linux distro would make a better overall choice.
 
Originally posted by: Sunner
Originally posted by: CTho9305
I don't think this vuln is that bad. The attacker has to be on the local network, right?

Yeah, as far as I've read at least.
So someone would pretty much have to compromise some other neighboring box to get an attack vector.

Ah well, guess I'll update anyway, I have PF blocking most anything incoming, but it'll give me something to do.
I always keep complaining that OpenBSD is boring because it just sits there and does its thing without hand holding, so I guess I should be happy now 🙂

greylica, like n0c said, Solaris is more of a server OS, I've used it as a desktop, but I'd say any of the BSDs or most any Linux distro would make a better overall choice.

Want something to do? Follow -CURRENT. :evil:
 
The good news is that this doesn't affect those who are either blocking IPv6 traffic with PF, or compiled their kernels without IPv6 support.
 