OpenBSD Patching
Applied 2 more patches to my OpenBSD 3.3 system on my Toshiba 4015CDT
laptop, 020_isakmpd2.patch & 021_openssl.patch
020_isakmpd2.patch:
Defects in the payload validation and processing functions of isakmpd(8)
have been discovered. An attacker could send malformed ISAKMP messages
and cause isakmpd to crash or to loop endlessly. This patch fixes these problems
and removes some memory leaks.
021_openssl.patch:
A missing check for a NULL-pointer dereference has been found in ssl(3). A
remote attacker can use the bug to cause an OpenSSL application to crash;
this may lead to a denial of service.
OpenBSD Patching
New patch, 018_tcp.patch, applied tonight on my laptop, still running
OpenBSD 3.3 with previous applicable patches applied. Here’s the
basic info:
————
OpenBSD’s TCP/IP stack did not impose limits on how many out-of-order TCP segments are queued in the system.
If an attacker was allowed to connect to an open TCP port, he could send out-of-order TCP segments and trick the system into using all available memory buffers. Packet handling would be impaired, and new connections would fail until the the attacking TCP connection is closed.
The problem is fixed in -current, 3.4-stable and 3.3-stable.
Patches are available at:
ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.4/common/013_tcp.patch
ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.3/common/018_tcp.patch
————
And, for those who might have problems following the directions in the
patch, there are some good instructions at:
http://www.deadly.org/commentShow.php3?sid=20040308194719&pid=242
They are as follows:
From the Patch itself.
Apply by doing:
cd /usr/src
patch -p0
