search for: alertdetail

Here I would like to suggest a replacement for MAP_ANON on systems which do not have it, such as Solaris < 8. In "man mmap" of Solaris 8: When MAP_ANON is set in flags, and fd is set to -1, mmap() provides a direct path to return anonymous pages to the caller. This operation is equivalent to passing mmap() an open file descriptor on /dev/zero with

Hi, I spotted today following line at my FreeBSD 4.6.2-RELEASE IPFIREWALL log: Jul 1 13:34:35 fbsd /kernel: ipfw: 1400 Accept TCP xxxxxx:22 yyyyy:22 in via ed1 where xxxxxx is the attacker's IP and yyyyy is my box. But in sshd log, there are no traces left behind by this connection. Normally, there is "Did not receive identification string from xxx" etc, when somebody tries to

...----------------------------------------------------+ Port name: krb5 Affected: versions < krb5-1.2.5_2 Status: Fixed Contains an overflow in Sun RPC XDR decoder. <URL:http://online.securityfocus.com/archive/1/285308> <URL:http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=20823> <URL:http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2002-001-xdr.txt> +------------------------------------------------------------------------+ Port name: linux-netscape6, netscape7, linux-mozilla, and mozilla Affected: versions < mozilla-1.0_1,1 (mozil...

...malized against > the current packet size, leading to an overflow condition. The RPC > preprocessor is enabled by default. > > For additional information, please read the ISS X-Force advisory > located at > > http://www.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21951 > > This vulnerability affects Snort versions 1.8.x through 1.9.1 and > version 2.0 Beta. > > II. Impact > > Both VU#139129 and VU#916785 allow remote attackers to execute > arbitrary code with the privileges of the user runn...