Podo Carp wrote:
Thanks Steve,
The scanner does indeed rely on banners (which can be completely unreliable
especially on OpenBSD). However, I would like them to not knock over my
servers trying to confirm the problem if I can easily determine that the
patches are irrelevant. Of course this is a greater problem for holes that
are not fixed but I can't tell which is the case without more information.
A centralized repository of vulnerability information would make my job
maintaining OpenBSD systems much simpler and would provide yet another
avenue to extoll the virtues of OpenBSD versus other operating systems (as
in this case where the patch was released a year before the vulnerability
was disclosed).
You can find all security vulnerabilities here:
http://www.openbsd.org/errata.html
