Summary of Problem Reports Assigned to "security-officer"

Automatically generated on 3 Oct 2024 23:00:00 GMT

Severity
Categorycriticalseriousnon-criticalDescription
security 108Security bugs

Sorted by Category, Severity, and Priority.


[NetBSD home] [Summary index] [Search PRs] [Send a PR]


Category: security

Severity: serious

security/41942
[open high priority sw-bug] telnetd(8) allows direct root login on tty marked as insecure
security/51115
[open high priority change-request] release sum file signatures should be in release dirs
security/55659
[open high priority sw-bug] ssh-keygen may generate predictable keys
security/38276
[open medium priority sw-bug] openpam treats sufficient as optional in "prelim" phase making pam_ldap fail
security/43160
[open medium priority sw-bug] nss_ldap
security/50026
[open medium priority sw-bug] buffer overflow ipfilter
security/55764
[open medium priority sw-bug] per_user_tmp=YES not really usable
security/57449
[open medium priority sw-bug] Approximately a bajillion buffer overruns in netpgpverify
security/58652
[open medium priority sw-bug] libnv: Integer overflow and buffer overrun vulnerabilities
security/58708
[open medium priority sw-bug] Mitigation for CVE-2018-6922 (SegmentSmack)

Severity: non-critical

security/40576
[open medium priority sw-bug] veriexecgen sets no explicit access mode for some files and the default behaviour of veriexec in face of this cause errors
security/42119
[open medium priority change-request] ippool startup script missing
security/47630
[open medium priority sw-bug] ssh_host_ecdsa_key is not in /etc/mtree/special
security/6594
[open low priority sw-bug] the default "nobody" credentials (32767:9999) do not match mountd's default (-2:-2)
security/11146
[analyzed low priority sw-bug] built-in TCP wrapper in inetd does not protect UDP or internal services
security/23756
[open low priority change-request] /dev/random should block on writes if the entropy pool is full
security/51177
[open low priority sw-bug] Kerberos still supported?
security/51682
[open low priority support] Remote un-authenticated denial of service

[NetBSD home] [Page top] [Summary index] [Search PRs] [Send a PR]