similar to: Re: undocumented bugs - nfsd

--------------------------------------------------------------------- Red Hat, Inc. Security Advisory Synopsis: new NFS server packages available (5.2, 4.2) Advisory ID: RHSA-1999:053-01 Issue date: 1999-11-11 Updated on: 1999-11-11 Keywords: nfs-server PATH_MAX NAME_MAX rpc.nfsd Cross references: Bugtraq id #782 --------------------------------------------------------------------- 1.

I've got egg on my face... There is a nasty security hole in the User-space NFS servers. If you are running an NFS server, please upgrade as soon as possible to the latest release, nfs-server-2.2beta35.tar.gz, which can be found at ftp://linux.mathematik.tu-darmstadt.de/pub/linux/people/okir All previous releases are vulnerable. <Taking off his okir hat and putting on his caldera

Summary: you can exploit a single-byte buffer overrun to gain root privs. When, half a day after releasing version 2.2beta37 of the Linux nfs server, I received a message from Larry Doolittle telling me that it was still vulnerable to the root exploit posted to bugtraq, I was ready to quit hacking and start as a carpenter... Tempting as that was, I didn''t, and started looking for the

Hi there, some of the recent holes discussed on this list, and David Holland''s suggestion for a utmp manager daemon got me thinking. I ended up coding a sample program that demonstrates how a `resource manager'' can be used to allow applications access to certain resources while not giving them any privileges. The sample program is a primitve modem manager that hands out open

-----BEGIN PGP SIGNED MESSAGE----- ld.so Vulnerability A buffer overflow problem was reported on bugtraq affecting the ELF and a.out program loaders on Linux. This problem can possibly be exploited by malicious users to obtain root access. On Linux, programs linked against shared libraries execute some code contained in /lib/ld.so (for a.out binaries) or /lib/ld-linux.so (for ELF

-----BEGIN PGP SIGNED MESSAGE----- Hi all, Prompted by Mark''s discussion of the transname patch I''ve put together an experimental patch to the Linux nfsd that supports something I''ve named CDFs for lack of a more appropriate name. They''re not real CDFs, and in particular, they won''t let you manage stuff like shared /etc directories for diskless

Hi all, I just looked into LPRng to see to what extent it is affected by the problems recently reported for the BSD lpd. It seems that it is fairly safe from those mentioned in the SNI advisory. > Problem 1: File creation > > Individuals with access to the line printer daemon from a privileged > port on a valid print client can tell lpd to create a file, providing > the name of

---------- Forwarded message ---------- Date: Tue, 30 Nov 1999 12:13:36 -0800 (PST) From: David Cantrell <david@slackware.com> To: slackware-security@slackware.com Subject: Security Fixes for Slackware 4.0 Available There are several security updates available for Slackware 4.0. These patches should work on any libc5 Slackware system, but we have not tested them on each of the previous

Hi all, The patches in this series can be applied independently from each other. If you maintain one of these drivers and you want to merge it for v5.4 yourself, then please do so and let me know. If you prefer I commit it to drm-misc, then please review and (hopefully) Ack the patch. I would really like to get this in for v5.4 so I can get the userspace bits in for v5.4 as well through the

Hi Dariusz, Hans, I can apply the dw-hdmi patches if necessary. Neil On 19/08/2019 11:38, Hans Verkuil wrote: > Hi all, > > The patches in this series can be applied independently from each other. > > If you maintain one of these drivers and you want to merge it for v5.4 > yourself, then please do so and let me know. If you prefer I commit it > to drm-misc, then please

I was surprised to see that this hadn't made it to the samba list yet. Note I have not spent any time trying to confirm validity. ---------- Forwarded message ---------- Date: Fri, 26 Sep 1997 00:21:55 +0200 From: root <root@ADM.KIX-AZZ.ORG> To: BUGTRAQ@NETSPACE.ORG /* ___ ______ _ _ / \ | _ \ | \ / |

Reviewed-by: Lyude Paul <lyude at redhat.com> On Wed, 2019-08-14 at 12:44 +0200, Dariusz Marcinkiewicz wrote: > Pass the connector info to the CEC adapter. This makes it possible > to associate the CEC adapter with the corresponding drm connector. > > Signed-off-by: Dariusz Marcinkiewicz <darekm at google.com> > Signed-off-by: Hans Verkuil <hverkuil-cisco at

On 2/6/2017 1:46 ??, Nikolaos Milas wrote: > After a bit of search, I found the associated reports: > > https://bugs.centos.org/view.php?id=13351 > https://bugzilla.redhat.com/show_bug.cgi?id=1454876 > > No solution yet, but -as a workaround- it seems that -at least- nfs > problems are indeed solved with downgrading. I have been working fine with CentOS 7.3, since I

--------------------------------------------------------------------- Red Hat, Inc. Security Advisory Synopsis: Denial of service attack in syslogd Advisory ID: RHSA-1999:055-01 Issue date: 1999-11-19 Updated on: 1999-11-19 Keywords: syslogd sysklogd stream socket Cross references: bugtraq id #809 --------------------------------------------------------------------- 1. Topic: A

---------- Forwarded message ---------- Date: Tue, 30 Nov 1999 12:14:09 -0800 (PST) From: David Cantrell <david@slackware.com> To: slackware-security@slackware.com Subject: Security Patches for Slackware 7.0 Available There are several security updates available for Slackware 7.0. We will always post bug fixes and security fixes to the /patches subdirectory on the ftp site:

Hello. I'm running CentOS 7 with mainline kernel 3.17 built by myself. I've configured the kernel with all the xen parameters as builtin instead of modules. Yesterday I've decided to try to build and install Xen from sources. I've pulled the latest sources from git, changed the branch to staging and built and installed xen like this: make xen make tools make stubdom sudo make

Alex, Ville/Rodrigo, Ben, Can you (hopefully) Ack this patch so that I can merge it? Thank you! Hans On 8/14/19 12:44 PM, Dariusz Marcinkiewicz wrote: > Pass the connector info to the CEC adapter. This makes it possible > to associate the CEC adapter with the corresponding drm connector. > > Signed-off-by: Dariusz Marcinkiewicz <darekm at google.com> > Signed-off-by:

Hi all, I woke up this morning to find this on one of my machines. The machine is still running but the load according to top is over 13 yet I see no processes actually loading the machine. The only running process is top itself. Below is hopefully the revelent output from dmesg and /var/log/messages. I have had this b4 but this is the first time I have been able to get any useful information

The mount /dev/hdc /mnt problem still exists for me. Regards Robin. Here''s the dmesg of Xen: __ __ _ ____ \ \/ /___ _ __ / | |___ \ \ // _ \ ''_ \ | | __) | / \ __/ | | | | |_ / __/ /_/\_\___|_| |_| |_(_)_____| http://www.cl.cam.ac.uk/netos/xen University of Cambridge Computer Laboratory Xen version 1.2

Hi. I spawned a thread last week about the failure of bridged networking and I have gotten a little further. Turns out that I _do_ have network connectivity from inside the domains, but I cannot get the network to come up when I boot. I have to login and start up the network manually. E.g. after installing Debian Sarge according to the debootstrap method outlined in the users manual, I created a