Displaying 20 results from an estimated 32 matches for "krahmer".
2014 Jul 11
0
ANNOUNCE: cifs-utils release 6.4 ready for download
...o determine default keytab location
...don't assume that it's in /etc/krb5.keytab.
Reported-by: Konstantin Lepikhov <klepikho at redhat.com>
Signed-off-by: Jeff Layton <jlayton at samba.org>
commit 0c521d5060035da655107001374e08873ac5dde8
Author: Sebastian Krahmer <krahmer at suse.de>
Date: Mon Apr 14 11:39:41 2014 +0200
cifskey: better use snprintf()
Prefer snprintf() over sprintf() in cifskey.c
Projects that fork the code (pam_cifscreds) can't rely on
the max-size parameters.
[jlayton: removed unneeded initializat...
2001 Dec 29
2
reversing the roles of ssh and sshd
I have a box behind a firewall that I'd like to administer. The
firewall allows outgoing connections, but blocks all incoming
connection requests. Thus, behind the firewall I can ssh out
to my server, but I can't do the reverse. I found Sebastian
Krahmer's OpenSSH Reverse [1] which looks very promising, but
it is a few revisions behind. I was wondering if anyone has
considered integrating this with the OpenSSH code base. It
seems like such a useful feature...
Best,
Clark
[1] http://www.securiteam.com/tools/6I00N0K03K.html
http://teso...
2014 Jun 18
6
[Qemu-devel] Why I advise against using ivshmem
...m_read(void *opaque, const uint8_t * buf, int flags)
The "flags" argument should be "size". Size should be checked before
accessing buf.
Please also see the bug fixes in the following unapplied patch:
"[PATCH] ivshmem: fix potential OOB r/w access (#2)" by Sebastian Krahmer
https://lists.gnu.org/archive/html/qemu-devel/2014-04/msg03538.html
Stefan
2003 Mar 15
0
[SECURITY] Samba 2.2.8 available for download
...--Sincerely
The Samba Team
****************************************
* IMPORTANT: Security bugfix for Samba *
****************************************
Summary
-------
The SuSE security audit team, in particular Sebastian Krahmer
<krahmer@suse.de>, has found a flaw in the Samba main smbd code which
could allow an external attacker to remotely and anonymously gain
Super User (root) privileges on a server running a Samba server.
This flaw exists in previous versions of Samba from 2.0.x to 2.2.7a
inclusive. This is a s...
2008 Apr 08
1
Rsync 3.0.2 released w/xattr security fix (attn: 2.6.9 onward)
...ty.html
There is a patch there that can be applied to 2.6.9 (if you were using
the xattrs.patch), 3.0.0, or 3.0.1.
Those running a writable rsync daemon can opt to refuse the "xattrs"
option in their daemon config to avoid the problem without an upgrade.
I would like to thank Sebastian Krahmer for bringing this bug to my
attention.
To see the brief summary of the changes since 3.0.1, visit this link:
http://rsync.samba.org/ftp/rsync/src/rsync-3.0.2-NEWS
You can download the source tar file and its signature from here:
http://rsync.samba.org/ftp/rsync/src/rsync-3.0.2.tar.gz
http...
2014 Jun 18
0
[Qemu-devel] Why I advise against using ivshmem
...int
> flags)
>
> The "flags" argument should be "size". Size should be checked
> before accessing buf.
>
> Please also see the bug fixes in the following unapplied patch:
> "[PATCH] ivshmem: fix potential OOB r/w access (#2)" by Sebastian
> Krahmer
> https://lists.gnu.org/archive/html/qemu-devel/2014-04/msg03538.html
>
Jumping late onto this thread: SUSE Security team has just recently
done a thorough review of QEMU ivshmem code because a customer has
requested this be supported in SLES12. Multiple security-related
patches were submi...
2002 Jul 31
0
FreeBSD Security Advisory FreeBSD-SA-02:32.pppd
...BSD-SA-02:32.pppd Security Advisory
The FreeBSD Project
Topic: exploitable race condition in pppd
Category: core
Module: pppd
Announced: 2002-07-31
Credits: Sebastian Krahmer <krahmer@suse.de>
Affects: All releases of FreeBSD up to and including 4.6.1-RELEASE-p1
Corrected: 2002-07-30 03:50:40 UTC (RELENG_4)
2002-07-30 19:15:52 UTC (RELENG_4_6)
2002-07-30 19:16:46 UTC (RELENG_4_5)
2002-07-30 19:17:27 UTC (...
2004 Apr 15
0
FreeBSD Security Advisory FreeBSD-SA-04:07.cvs
...D-SA-04:07.cvs Security Advisory
The FreeBSD Project
Topic: CVS path validation errors
Category: contrib
Module: contrib_cvs
Announced: 2004-04-15
Credits: Sebastian Krahmer <krahmer@suse.de>
Derek Robert Price <derek@ximbiot.com>
Affects: All FreeBSD versions prior to 4.10-RELEASE
Corrected: 2004-04-15 15:35:26 UTC (RELENG_4, 4.10-BETA)
2004-04-15 15:42:50 UTC (RELENG_5_2, 5.2.1-RELEASE-p5)
2004-0...
2004 Sep 20
0
FreeBSD Security Advisory FreeBSD-SA-04:14.cvs
...============
FreeBSD-SA-04:14.cvs.asc Security Advisory
The FreeBSD Project
Topic: CVS
Category: contrib
Module: cvs
Announced: 2004-09-19
Credits: Stefan Esser, Sebastian Krahmer, Derek Price
iDEFENSE
Affects: All FreeBSD versions
Corrected: 2004-06-29 16:10:50 UTC (RELENG_4)
2004-09-19 22:26:22 UTC (RELENG_4_10, 4.10-RELEASE-p3)
2004-09-19 22:27:36 UTC (RELENG_4_9, 4.9-RELEASE-p12)
2004-09-19 22:28...
2002 Jan 26
0
rsync security announcement
...access. There exist several signedness bugs within the rsync
program which allow remote attackers to write 0-bytes to almost
arbitrary stack-locations, therefore being able to control the program
flow. These bugs have been fixed.
The rsync maintainers gratefully acknowledge the work of Sebastian
Krahmer and the SuSE security team in discovering and addressing this
problem.
Although this vulnerability is primarily important for people running
rsync daemons, it is not impossible that a malicious rsync server
could use it to attack a client who connects over either ssh or port
873. All users should...
2000 Jun 06
0
[CSSA-2000-015-0] Caldera Security Advisory: KDE suid root applications
...y of the
information we provide on this website and/or through our security
advisories. Our advisories are a service to our customers intended to
promote secure installation and use of Caldera OpenLinux.
9. Acknowledgements
Caldera Systems wishes to thank Sebastian "Stealth" Krahmer for
discovering and reporting the bug.
2014 Jun 18
1
[Qemu-devel] Why I advise against using ivshmem
...t; argument should be "size". Size should be checked before
> accessing buf.
You are welcome to send a fix and I will review it.
>
> Please also see the bug fixes in the following unapplied patch:
> "[PATCH] ivshmem: fix potential OOB r/w access (#2)" by Sebastian Krahmer
> https://lists.gnu.org/archive/html/qemu-devel/2014-04/msg03538.html
Thanks for the pointer. I'll check it.
--
David Marchand
2003 Apr 07
0
FreeBSD Security Notice FreeBSD-SN-03:01
...t; for more information about the
FreeBSD Ports Collection.
II. Ports
+------------------------------------------------------------------------+
Port name: net/samba
Affected: versions < samba-2.2.8_2, samba-2.2.8a
Status: Fixed
Two vulnerabilities recently:
(1) Sebastian Krahmer of the SuSE Security Team identified
vulnerabilities that could lead to arbitrary code execution as root,
as well as a race condition that could allow overwriting of system
files. (This vulnerability was previously fixed in Samba 2.2.8.)
(2) Digital Defense, Inc. reports: ``This vulnerability, if...