search for: auscert

Displaying 19 results from an estimated 19 matches for "auscert".

2005 Aug 15
2
recompile sshd with OPIE?
...;& make all install but somehow define OPIE or, I think, include the configure option --with-skey=PATH, or both. Can this be achieved within the regular system build process, or must I roll my own? thanks, joel -- Joel Hatton -- Security Analyst | Hotline: +61 7 3365 4417 AusCERT - Australia's national CERT | Fax: +61 7 3365 7031 The University of Queensland | WWW: www.auscert.org.au Qld 4072 Australia | Email: auscert@auscert.org.au
1996 Sep 18
1
CERT Advisory CA-96.20 - Sendmail Vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= CERT(sm) Advisory CA-96.20 Original issue date: September 18, 1996 Last revised: -- Topic: Sendmail Vulnerabilities - ----------------------------------------------------------------------------- *** This advisory supersedes CA-95:05 *** The CERT Coordination Center
1998 Aug 06
0
S-98-51: Squid cache corruption alert (fwd)
...Page : 1 Classification: External Version: 1 Subject : Squid cache corruption Date : 6-Aug-98 =============================================================================== By courtesy of AUSCERT we received information on a problem with the 1.NOVM version of the popular Squid web caching tool. This problem can result in web pages looking corrupted. CERT-NL agrees with the assessment of AUSCERT that this is not a security problem per se. However, the corrupted web pages caused by this proble...
1999 Oct 21
0
SECURITY: [RHSA-1999:043] New wu-ftpd packages available
...<filename> If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command: rpm --checksig --nogpg <filename> 10. References: CERT Advisory CA-99-13 Multiple Vulnerabilities in WU-FTPD http://www.cert.org AUSCERT Advisory AA-1999.01 ftp://www.auscert.org.au/security/advisory/AA-1999.01.wu-ftpd.mapping_chdir.vul AUSCERT Advisory AA-1999.02 ftp://www.auscert.org.au/security/advisory/AA-1999.02.multi.wu-ftpd.vuls Cristian -- ---------------------------------------------------------------------- Cristian Gaft...
1999 Oct 21
1
[RHSA-1999:042-01] screen defaults to not using Unix98 ptys
...<filename> If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command: rpm --checksig --nogpg <filename> 10. References: CERT Advisory CA-99-13 Multiple Vulnerabilities in WU-FTPD http://www.cert.org AUSCERT Advisory AA-1999.01 ftp://www.auscert.org.au/security/advisory/AA-1999.01.wu-ftpd.mapping_chdir.vul AUSCERT Advisory AA-1999.02 ftp://www.auscert.org.au/security/advisory/AA-1999.02.multi.wu-ftpd.vuls Cristian - -- - ---------------------------------------------------------------------- Cristian...
2006 Jun 30
1
Determining vulnerability to issues described by SAs
Hi, I've been trying for the past few days to come up with a method for checking a FreeBSD system to see if it is vulnerable to an issue described by a FreeBSD security advisory in some automated way, similar to the way portaudit can use VuXML to check for vulnerabilities in ports. Right now, I'm a bit stuck--there seem to be fairly major issues with all the methods I've come up
1999 Nov 11
0
CERT Advisory CA-99.14 - Multiple Vulnerabilities in BIND (fwd)
...nerability #6: the "naptr bug" Some versions of BIND fail to validate zone information loaded from disk files. In environments with unusual combinations of permissions and protections, this could allow an intruder to crash named. Other recent BIND-related vulnerabilities AusCERT recently published a report describing denial-of-service attacks against name servers. These attacks are unrelated to the issues described in this advisory. For information on the denial-of-service attacks described by AusCERT, please see AusCERT Alert AL-1999.004 available at: f...
1999 Oct 21
1
...<filename> If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command: rpm --checksig --nogpg <filename> 10. References: CERT Advisory CA-99-13 Multiple Vulnerabilities in WU-FTPD http://www.cert.org AUSCERT Advisory AA-1999.01 ftp://www.auscert.org.au/security/advisory/AA-1999.01.wu-ftpd.mapping_chdir.vul AUSCERT Advisory AA-1999.02 ftp://www.auscert.org.au/security/advisory/AA-1999.02.multi.wu-ftpd.vuls Cristian - -- - ---------------------------------------------------------------------- Cristian...
2006 Jul 28
2
Ruby vulnerability?
...ty in Ruby. So far it doesn't appear in the VuXML, but am I correct in presuming it will soon? https://rhn.redhat.com/errata/RHSA-2006-0604.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3694 cheers, -- Joel Hatton -- Infrastructure Manager | Hotline: +61 7 3365 4417 AusCERT - Australia's national CERT | Fax: +61 7 3365 7031 The University of Queensland | WWW: www.auscert.org.au Qld 4072 Australia | Email: auscert@auscert.org.au
1997 May 26
1
an anti-overflow wrapper
The following code is a first attempt at a simple but flexible suid wrapper which checks argv[] and environment. It might introduce new security holes or have other bugs; using 1 as a general failure exit value may be the wrong thing to do. The wrapper reads a configuration file named /etc/wrapper.cfg; see the comments in wrapper.c for the file's format. Flame, comment, or use at will.
1996 Nov 18
0
New moderator, linux-alert lists' consolidation.
...s co-moderator for both linux-security and linux-alert. As many of you no doubt know, Alex has been very active on the Linux security lists since their creation. He has also been the author of the numerous "Linux Security FAQ Updates" and has contributed to a number of other (e.g. CERT, AUSCERT) advisories. I'm still hanging on "in the background" as both lists' administrator for the time being, however. - --Up. - -- Jeff Uphoff - systems/network admin. | juphoff@nrao.edu National Radio Astronomy Observatory | juphoff@bofh.org.uk Charlottesville, VA, US...
2005 Oct 02
11
Repeated attacks via SSH
Everyone: We're starting to see a rash of password guessing attacks via SSH on all of our exposed BSD servers which are running an SSH daemon. They're coming from multiple addresses, which makes us suspect that they're being carried out by a network of "bots" rather than a single attacker. But wait... there's more. The interesting thing about these attacks is that
1998 Aug 11
0
Fwd: CERT Advisory CA-98.10 - mime_buffer_overflows
...inistrative rights on vulnerable systems. The vulnerability has >been discovered by Marko Laakso and Ari Takanen of the Secure >Programming Group of the University of Oulu. It has received >considerable public attention in the media and through reports >published by Microsoft, Netscape, AUSCERT, CIAC, NTBugTraq, and >others. > >The vulnerability affects a number of mail and news clients in >addition to the ones which have been the subjects of those reports. > > >II. Impact > >An intruder who sends a carefully crafted mail message to a vulnerable >system can,...
1998 Aug 17
0
IP Filters and Firewalls:Summary of Source Info
...en needed. WARN: untar libpcap where your *current untarred* tcpdump files lie, in other words under the tcpdump-3.4 directory! There are other very interesting papers around the net... all of the above and others can be found at: www.geek-girl.com www.cs.purdue.edu/coast/hotlist and CIAC, CERT, AUSCERT and similar.... so read them carefully ... ;-))) Yours, -fire
1997 Jan 24
6
GNU tar vulnerability
I reported the following vulnerability to AUSCERT, but they weren't interested. People on this list might be, though! GNU tar is lazy about file creation modes and file owners when unpacking a tar file. Because GNU tar defaults to creating files owned by the userid running tar when the username is not found on your system, it can be po...
1997 Apr 22
1
SNI-12: BIND Vulnerabilities and Solutions (fwd)
...Individuals involved in this effort were: Theo de Raadt <deraadt@openbsd.org> Niels Provos <provos@openbsd.org> Todd Miller <millert@openbsd.org> Allen Briggs <briggs@openbsd.org> Further attributions: AUSCERT <auscert@auscert.org.au> David Sacerdote <davids@secnet.com> Oliver Friedrichs <oliver@secnet.com> Alfred Huger <ahuger@secnet.com> Additional Information: ~~~~~~~~~~~~~~~~~~~~~~~ [1] Vixie P. , "DNS and BIND security issues&...
1998 Aug 02
0
ipportfw - security
...Page : 1 Classification: External Version: 1 Subject : Squid cache corruption Date : 6-Aug-98 =============================================================================== By courtesy of AUSCERT we received information on a problem with the 1.NOVM version of the popular Squid web caching tool. This problem can result in web pages looking corrupted. CERT-NL agrees with the assessment of AUSCERT that this is not a security problem per se. However, the corrupted web pages caused by this proble...
1999 Nov 27
1
Re: Programming ...
Many thanks to the moderator who pointed out errors and suggested the correct information on this post. Over half the ideas are due to him. ;) Don't forget this is about writing your own daemon or TCP program. Some of the ideas here will not happen with today's software that has been hardened. It is presented to prevent your software from being taken advantage of. Most often,
2007 Jan 11
2
FreeBSD Security Advisory FreeBSD-SA-07:01.jail
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-07:01.jail Security Advisory The FreeBSD Project Topic: Jail rc.d script privilege escalation Category: core Module: etc_rc.d Announced: