By JT Pennington
Published December 26, 2019 7:00am
Authentication Vulnerabilities in OpenBSD, NetBSD 9.0 RC1 is available, Running FreeNAS on a DigitalOcean droplet, NomadBSD 1.3 is here, at e2k19 nobody can hear you scream, and more.HeadlinesAuthentication vulnerabilities in OpenBSDWe discovered an authentication-bypass vulnerability in OpenBSD's authentication system: this vulnerability is remotely exploitable in smtpd, ldapd, and radiusd, but its real-world impact should be studied on a case-by-case basis. For example, sshd is not exploitable thanks to its defense-in-depth mechanisms.From the manual page of login.conf:
OpenBSD uses BSD Authentication, which is made up of a variety of authentication...