search for: meltzer

This is to announce that XMCD 2.1 patchlevel 0 has been released which fixes all of the issues previously raised by David Meltzer. It also contains a number of other minor feature and functionality enhancements. The new version may be obtained via the xmcd web page at: http://sunsite.unc.edu/~cddb/xmcd/ Users of xmcd with older versions are encouraged to upgrade. -Ti -- \\ // XMCD - Motif CD player / CDA - Command line C...

...his: /ISOs/custom.iso /Builds/version/RPMs/rpm_dir1/{many rpms here} /Builds/version/RPMs/rpm_dir2/{many rpms here} /Builds/version/RPMs/rpm_dir3/{many rpms here} /custom.msg /initrd.img /ldlinux.sys (got here after running syslinux) /syslinux.cfg /vmlinuz Any ideas? Best regards, Noam Meltzer

hello and thanks for reading this, i am doing a volunteer project for a school in harlem,ny. they have had donated 30 nics computers from thinknic.com. it can pxe boot. it had a cdrom and it has no hard drive. i am looking for ways to boot windows98 on these machines. i read on some site that memdisk can be used on legacy os. before i spend days testing it out, is it possible to boot windows98

...davem@iss.net. Program: xmcd 2.0pl2 (and previous versions) Affected Operating Systems: All with xmcd installed suid root Requirements: account on system Patch: chmod -s xmcd Security Compromise: root Reported By: David J. Meltzer (davem@iss.net) Synopsis: A buffer overflow in the XMCD_CDDBPATH environment variable allows a user to overwrite the contents of the stack and execute arbitrary code as root. [trad:davem] ~ >./bo --exists -e XMCD_CDDBPAT...

...eived: from phoenix.iss.net (204.241.60.5) by mail2.redhat.com with SMTP; 25 Nov 1996 18:43:23 -0000 Received: from localhost (davem@localhost) by phoenix.iss.net (8.8.3/8.6.12) with SMTP id NAA30955; Mon, 25 Nov 1996 13:41:50 -0500 Date: Mon, 25 Nov 1996 13:41:50 -0500 (EST) From: "David J. Meltzer" <davem@iss.net> Approved: R.E.Wolff@BitWizard.nl To: linux-security@redhat.com, bugtraq@netspace.org Subject: Security Problems in XMCD Message-ID: <Pine.LNX.3.95.961125133751.28145F-100000@phoenix.iss.net> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII There ar...

Hi, I was wondering if anyone had a good dhcpd.conf and /tftpboot files for a EPIA-M motherboard with RedHat 9.0.... Or maybe just a configuration that works with the EPIA-M (doesn't matter which type of linux). I'm trying to boot the system from the network and it seems to be getting to downloading pxelinux.0 but then nothing happens after that.... I'm using ISC dhcpd V3.0pl2,

...the latest beta version. (Requirements are Linux ELF system, 1.3.x kernel or newer, ethernet for the monitoring engine, X for the GUI management system; there are also SunOS and Solaris versions if you are interested.) -Dave --------------------------------+--------------------- David J. Meltzer | Email: davem@iss.net Systems Engineer | Web: www.iss.net Internet Security Systems, Inc. | Fax: (770)395-1972

hello and thanks for reading this, with the help of this group so far, i am using bootscriptor from bootscriptor.org combined with memdisk to boot a win98 boot disk. it boot into the windows98 version of dos. the cool thing about the floppy is that it has a compressed image that mounts as a drive letter. much like linux. i can create floppy images no problem. what i am trying to do is create a

...achines until a comprehensive examination of its buffer handling can take place. I would like to thank Thomas Ptacek for his assistance in examining these vulnerabilities and for his examination of cddbd for buffer overflows. --------------------------------+--------------------- David J. Meltzer | Email: davem@iss.net Systems Engineer | Web: www.iss.net Internet Security Systems, Inc. | Fax: (770)395-1972

...ate: Tue, 26 Nov 1996 16:14:48 -0500 Reply-To: Theo Van Dinter <felicity@kluge.net> Sender: Bugtraq List <BUGTRAQ@NETSPACE.ORG> From: Theo Van Dinter <felicity@kluge.net> Approved: R.E.Wolff@BitWizard.nl Subject: Re: Security Problems in XMCD 2.1 X-To: "David J. Meltzer" <davem@ISS.NET> To: Multiple recipients of list BUGTRAQ <BUGTRAQ@NETSPACE.ORG> In-Reply-To: <Pine.LNX.3.95.961126122846.12271F-100000@phoenix.iss.net> Content-Type: TEXT/PLAIN; charset=US-ASCII X-ReSent-Date: Tue, 26 Nov 1996 18:42:46 -0600 (CST) X-ReSent-From: Ron DuFresne...