OpenBSD 3.8 Errata Critical Vulnerability Information 001: January 5, 2006 - Security Fix Issue: Buffer overflow in the Perl interpreter, potentially exploitable under specific conditions. Affected Architectures: All architectures 002: January 5, 2006 - Security Fix Issue: Prevents users from reopening files via /dev/fd, mitigating user deception of scripts. Affected Architectures: All architectures 005: February 12, 2006 - Security Fix Issue: OpenSSH vulnerability due to unsafe use of system(3), potentially allowing execution of arbitrary shell commands. Affected Architectures: All architectures 006: March 25, 2006 - Security Fix Issue: Race condition in sendmail when handling asynchronous signals, potentially allowing remote attackers to execute arbitrary code with the privileges of the user running sendmail. Affected Architectures: All architectures 007: May 2, 2006 - Security Fix (CVE-2006-1526) Issue: Security flaw in X.Org server; authorized clients connecting to the X server could crash the server and execute malicious code. Affected Architectures: All architectures 008: June 15, 2006 - Security Fix Issue: Malformed MIME messages in sendmail could trigger excessive recursion, leading to stack exhaustion and impacting mail delivery. Affected Architectures: All architectures 009: July 30, 2006 - Security Fix Issue: Potential out-of-bounds buffer overflow in httpd(8)'s mod_rewrite module, possibly exploitable in combination with specific rewrite rules to trigger remote vulnerabilities. Affected Architectures: All architectures 010: August 25, 2006 - Security Fix Issue: Excessively long mail header lines in sendmail could trigger a use-after-free vulnerability, leading to crashes. Affected Architectures: All architectures 011: August 25, 2006 - Security Fix (CVE-2006-3122) Issue: Out-of-bounds error in dhcpd(8) caused by 32-byte client identifier, potentially exploitable to cause service termination. Affected Architectures: All architectures 014: September 2, 2006 - Security Fix (CVE-2006-4304) Issue: LCP configuration option length validation failure in sppp(4) connections, potentially leading to kernel panic. Affected Architectures: All architectures 015: September 8, 2006 - Security Fix (CVE-2006-4095, CVE-2006-4096) Issue: Two denial-of-service issues in BIND service, potentially causing DNS service interruption. Affected Architectures: All architectures 017: October 7, 2006 - Security Fix (CVE-2006-3918) Issue: httpd(8) does not clear the Expect header in HTTP requests, potentially exploitable for cross-site scripting attacks. Affected Architectures: All architectures 018: October 7, 2006 - Security Fix (CVE-2006-2937, CVE-2006-3738, CVE-2006-4343, CVE-2006-2940) Issue: Multiple issues in OpenSSL, including buffer overflows, infinite loops, and validation errors, leading to various security risks. Affected Architectures: All architectures 019: October 7, 2006 - Security Fix Issue: Integer overflow in systrace(4)'s STRIOCREPLACE support, potentially exploitable for DoS attacks, limited kernel read, or local privilege escalation. Affected Architectures: All architectures 020: October 12, 2006 - Security Fix (CVE-2006-4924, CVE-2006-5051) Issue: Two fixed security vulnerabilities in OpenSSH: one could cause sshd(8) to spin before login grace period expires, and another could exploit unsafe signal handling for pre-authentication service denial. Affected Architectures: All architectures