search for: eygene

Good day. Just spotted the new advisory from CORE: http://www.securityfocus.com/archive/1/462728/30/0/threaded Not an expert, but FreeBSD's src/sys/kern/uipc_mbuf2.c has the very simular code. Robert, anyone, could you please check? Thank you. -- Eygene

...cidfonts.diff at http://xorg.freedesktop.org/releases/X11R6.9.0/patches/index.html Seems like they are not applied to the xorg-server-6.9.0_5. May be it should be added to the VuXML document? There is a ports/107733 issue that incorporates these patches. May be you should have a look. Thanks! -- Eygene

I've used that patch to close the hole. This patch is temporary and doesn't fix real trouble maker - problem in new version in getenv() (after 6.3 it got changed to something monstrous and non-working right if environment has only one variable), hope it will get fixed soon. *** rtld.c.orig Tue Dec 1 16:55:13 2009 --- rtld.c Tue Dec 1 16:55:55 2009 *************** *** 357,374 ****

Hi, Does FASTIPSec in FreeBSD use OCF framework ? Where can I find more documentation ? I wish to run cryptographic algorithms after setting a VPN. What command should I use to run a particular crytographic algorithm (e.g. 3DES etc.) Where can I find all such information ? -- Regards, Bubble

...nst char *from, char *to) if (len == 0) pwd = getpwuid(ID0realuid()); else { + if (to + len >= endto) { + *to = '\0'; + return from; + } strncpy(to, from, len); to[len] = '\0'; pwd = getpwnam(to); Thank you! -- Eygene

>Submitter-Id: current-users >Originator: Eygene Ryabinkin >Organization: Code Labs >Confidential: no >Synopsis: [patch] [vuxml] net/wireshark: fix DoS in SMTP dissector >Severity: serious >Priority: high >Category: ports >Class: sw-bug >Release: FreeBSD 7.1-PRERELEASE i386 >Environment: System: FreeBSD 7.1-PRERELEAS...

...0070315/a6be0eb3/attachment-0001.pgp > > ------------------------------ > > Message: 5 > Date: Thu, 15 Mar 2007 12:02:24 +0100 (BST) > From: Robert Watson <rwatson@FreeBSD.org> > Subject: Re: OpenBSD IPv6 remote kernel buffer overflow. FreeBSD has > this too? > To: Eygene Ryabinkin <rea-fbsd@codelabs.ru> > Cc: freebsd-security@freebsd.org > Message-ID: <20070315120009.A60010@fledge.watson.org> > Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed > > > On Wed, 14 Mar 2007, Eygene Ryabinkin wrote: > >> Just spotted the new...

Good day. I am posting the follow-up to the -hackers and CC'ing to the -security, because some more-or-less nasty points were found. Sat, Feb 23, 2008 at 10:32:02PM +0300, Eygene Ryabinkin wrote: > But there is another concern with bzero(): it is well-known function. > Especially for compilers. And it is bad: some arrays inside g_eli, > that hold decryption keys are the local variables. And they are > not used after the final bzero() call, so optimizing compil...

This note is essentially a request for a reality check. I use IPFW & natd on the box that provides the interface between my home networks and the Internet; the connection is (static) residential DSL. I configured IPFW to accept & log all SSH "setup" requests, and use natd to forward such requests to an internal machine that only accepts public key authentication; that

...eBSD.org wrote: > http://www.freebsd.org/cgi/query-pr.cgi?pr=128837 > > >Category: ports > >Responsible: freebsd-ports-bugs > >Synopsis: [vuxml] net-mgmt/net-snmp and net-mgmt/net-snmp53: CVE-2008-4309 > >Arrival-Date: Thu Nov 13 11:00:11 UTC 2008 -- Eygene _ ___ _.--. # \`.|\..----...-'` `-._.-'_.-'` # Remember that it is hard / ' ` , __.--' # to read the on-line manual )/' _/ \ `-_, / # while single-stepping the kernel. `-'" `"\_ ,_.-;...

...e who are running Autokey with stock NTPD: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1252 http://www.freebsd.org/cgi/query-pr.cgi?pr=134787 For users of net/ntp: http://www.freebsd.org/cgi/query-pr.cgi?pr=ports/134755 http://www.freebsd.org/cgi/query-pr.cgi?pr=ports/134756 -- Eygene _ ___ _.--. # \`.|\..----...-'` `-._.-'_.-'` # Remember that it is hard / ' ` , __.--' # to read the on-line manual )/' _/ \ `-_, / # while single-stepping the kernel. `-'" `"\_ ,_.-;_.-...

Hi, I am just new to the FreeBSD system and look forward to take active part in contributing. Can someone please guide where can I find OCF source code in FreeBSD and also is there IKE implementation and OpenSWAN ? Regards, Raja

subj [ODiP] == Dmitry Grigorovich

Hello, If an ordinary user runs: -- snip -- cat > starv.c <<EOF main(){ char *point; while(1) { point = ( char * ) malloc(10000); }} EOF cc starv.c while true do ./a.out & done -- snip -- This will fast starv the operating system (FreeBSD 6.2). I have tried to limit the number of processes and the amount of memmory consumed (in login.conf). There is also a file /etc/malloc.conf

...but I think they are messed the numbers -- there is no such CVE, at least I failed to find it via cve.mitre.org: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1997 But the CVE-2007-1870 is a candidate and has no relevant information, so I am not 100% sure about the correct number. -- Eygene -------------- next part -------------- <vuln vid="unknown"> <topic>clamav -- CAB File Unstore Buffer Overflow Vulnerability</topic> <affects> <package> <name>clamav</name> <range><ge>0.90rc3</ge><lt>0.90....

>Submitter-Id: current-users >Originator: Eygene Ryabinkin >Organization: Code Labs >Confidential: no >Synopsis: [vuxml] editors/vim: document netrw issues >Severity: serious >Priority: medium >Category: ports >Class: sw-bug >Release: FreeBSD 7.1-PRERELEASE i386 >Environment: System: FreeBSD 7.1-PRERELEASE i386 >...

Hi everyone, Not sure if you've read http://www.win.tue.nl/hashclash/SoftIntCodeSign/ . should some kind of advisory be sent to advise people not to rely solely on MD5 checksums? Maybe an update to the man page is due ? : " MD5 has not yet (2001-09-03) been broken, but sufficient attacks have been made that its security is in some doubt. The attacks on MD5 are in the

I'm not really a developer, but was considering if there is a key vulnerability in geli given that when you change a key there isn't a disk update. Consider the scenario where a new file system is created and populated with some files. At a later time the original key is changed because someone has gained access to the key and passphrase. A new key is generated and attached, but none of