netbsd-help: Re: amd buffer overflow attack

Subject: Re: amd buffer overflow attack
To: Ruibiao Qiu <ruibiao@arl.wustl.edu>
From: Manuel Bouyer <bouyer@antioche.lip6.fr>
List: netbsd-help
Date: 11/18/1999 16:56:36

On Thu, Nov 18, 1999 at 09:15:37AM -0600, Ruibiao Qiu wrote:
> Hi, all
> 
> Checking out the following URL:
> 	http://www.cert.org/advisories/CA-99-12-amd.html
> I wonder if NetBSD is vulnerable to this attack.  OpenBSD is not,
> but FreeBSD needs a patch for this.

NetBSD was. 1.4.1 is vulnerable, you need to upgrade to the -release branch
or a recent -current (I don't remenber the exact date of the fix - a month or
two).

--
Manuel Bouyer, LIP6, Universite Paris VI.           Manuel.Bouyer@lip6.fr
--