Rembrandt

**Name of the Vulnerable Software and Affected Versions** OpenBSD versions 4.2 through 4.5 NetBSD version 5.0 before RC3 MirOS version 10 and earlier MidnightBSD version 0.3-current **Description** The issue allows remote attackers to cause a denial of service via crafted IP packets, triggering a NULL pointer dereference during translation. This is related to an IPv4 packet with an ICMPv6 payload. **Recommendations** For OpenBSD versions 4.2 through 4.5, update to a version outside of this range to resolve the issue. For NetBSD version 5.0 before RC3, update to RC3 or later to resolve the issue. For MirOS version 10 and earlier, update to a version later than 10 to resolve the issue. For MidnightBSD version 0.3-current, consider restricting access to the `pf test rule` function until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Netgear SSL312 (affected versions not specified) **Description** The issue allows remote attackers to cause a denial of service, resulting in a device crash, by sending a crafted query string to the 'cgi-bin/welcome/VPN only' endpoint in the web interface. This can be achieved using directory traversal sequences. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.