search for: neohapsis

...urity review of OpenSSL, under the DARPA program CHATS. Vulnerabilities --------------- All four of these are potentially remotely exploitable. 1. The client master key in SSL2 could be oversized and overrun a buffer. This vulnerability was also independently discovered by consultants at Neohapsis (http://www.neohapsis.com/) who have also demonstrated that the vulerability is exploitable. Exploit code is NOT available at this time. 2. The session ID supplied to a client in SSL3 could be oversized and overrun a buffer. 3. The master key supplied to an SSL3 server could be oversi...

...f right and thats about it. The PAM is a bit harder (to me at least). PAM is the key for the linux end to understand to use the winbind connection. If not correctly cinfigured it can't get the authentication from the Win NT/2k PDC. Here are some links that was helpful for me. http://archives.neohapsis.com/archives/pam-list/2001-10/0038.html http://ma.ph-freiburg.de/tng/tng-users/2001-06/msg00025.html http://www.samba.org/samba/docs/Samba-HOWTO-Collection.html (very helpful) Hope these help Mikko Rautiainen Chris McKeever wrote: >Setup: > Suse 7.2, Samba 2.2.6 > Win 2K PDC > &gt...

Hello, >> is it possible to provide service auth on tcp-socket instead of >> unix-socket? >> I changed my conf and dovecot 2.0.5 is restarting but on telnet test it >> throws: >> dovecot: auth: Fatal: getsockname(12) failed: Socket operation on >> non-socket >> >> Want to separate smtp and imap to different servers but keep using >>

http://bugzilla.mindrot.org/show_bug.cgi?id=52 dtucker at zip.com.au changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #1075 is|0 |1 obsolete| | Attachment #1098 is|0 |1 obsolete|

On Mon Feb 09 2015 at 1:23:37 PM Petr Lautrbach <plautrba at redhat.com> wrote: > It seems to be the same problem as described and discussed in this > [1] thread. MTU 1400 is not enough for packet sent by > openssh-6.6.1p1-11.1.fc21 with default settings. The size of one > of initial packets could be even 1968. Your VPN probably makes > a fragmentation but doesn't do the

Hello, In a Dovecot 2.0.6 server I have an account x at domain and an alias y at domain -> x at domain. When I send an email to x at domain with carbon copy to y at domain, X receives two messages on mailbox. Dovecot2 has any feature of duplicate suppression ? Thanks, Thiago Henrique

http://bugzilla.mindrot.org/show_bug.cgi?id=969 Summary: early setpcred() stomps on PAM Product: Portable OpenSSH Version: 3.9p1 Platform: All OS/Version: AIX Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: openssh-bugs at mindrot.org ReportedBy: dleonard at

...1.4.7, when available | |----------------------------+-------------------------------------------| +------------------------------------------------------------------------+ +------------------------------------------------------------------------+ |Links |http://archives.neohapsis.com/archives/bugtraq/2007-10/0316.html | +------------------------------------------------------------------------+ +------------------------------------------------------------------------+ | Asterisk Project Security Advisories are posted at | | http://www.ast...

...1.4.7, when available | |----------------------------+-------------------------------------------| +------------------------------------------------------------------------+ +------------------------------------------------------------------------+ |Links |http://archives.neohapsis.com/archives/bugtraq/2007-10/0316.html | +------------------------------------------------------------------------+ +------------------------------------------------------------------------+ | Asterisk Project Security Advisories are posted at | | http://www.ast...

Setup: Suse 7.2, Samba 2.2.6 Win 2K PDC Project: I would like to use winbind to authenticate users that do not have local accounts on the linux machine for access to various file and print shares. I have gotten winbind to successfully grab the user and groups from the NT box (verified by getent passwd). However, I have had little luck obtaining the permission based file share that I would

...ersions. Everything worked well for Outlook Express, Outlook and Thunderbird clients, but Microsoft Entourage 2004 or 2008 clients smtps fails - "Authentication failed because Entourage doesn't support any of the available authentication methods." Similar case like - http://archives.neohapsis.com/archives/postfix/2008-09/thread.html#145 I tried everything, the config is like described in Postfix and Dovecot sites - http://wiki.dovecot.org/HowTo/PostfixAndDovecotSASL I also tried in main.cf smtpd_sasl_security_options =forward_secrecy like described in http://www.postfix.org/postconf.5...

I have installed dovecot-postfix and postfixadmin on an Ubuntu 9.10 machine. The userdb and passdb are both mysql. If I set up a user in postfixadmin they are able to send. I can successfully telnet into the server remotely by name on 110 and 25. I'm not looking for any authentication encryption/ssl any of that, just POP3/SMTP. When I telnet into 110 I can enter a username with user

...f right and thats about it. The PAM is a bit harder (to me at least). PAM is the key for the linux end to understand to use the winbind connection. If not correctly cinfigured it can't get the authentication from the Win NT/2k PDC. Here are some links that was helpful for me. http://archives.neohapsis.com/archives/pam-list/2001-10/0038.html http://ma.ph-freiburg.de/tng/tng-users/2001-06/msg00025.html http://www.samba.org/samba/docs/Samba-HOWTO-Collection.html (very helpful) Hope these help Mikko Rautiainen Chris McKeever wrote: >Setup: > Suse 7.2, Samba 2.2.6 > Win 2K PDC > &gt...

...0.01/0.01/0.01, dsn=4.3.0, status=deferred (host mail.example.com[private/dovecot-lmtp] said: 451 4.3.0 <bob at example.com> Temporary internal error (in reply to end of DATA command)) Now when I was checking that Postfix wasn't the likely problem, one of them mentioned: http://archives.neohapsis.com/archives/postfix/2014-12/0189.html (Postfix-users archive) that I needed: namespace inbox { inbox = yes } But I'm curious why that I'm the only one that seems to have been nailed by this omission. A keyword search on 'namespace' only brought up a single comment. Wha...

Hi, We are trying to implement a highly secure mail server with user authentication restricted to SSL certificates only (not using passwords at all). Still, user information is stored in a LDAP directory. In this configuration LDAP is used to check whether the user is registered (and probably supply quota and other info), and actual authentication is done by SSL layer. According to wiki, a

Good Day! I think we have a serious problem. One of our old server running FreeBSD 4.9 have been compromised and is now connected to an ircd server.. 195.204.1.132.6667 ESTABLISHED However, we still haven't brought the server down in an attempt to track the intruder down. Right now we are clueless as to what we need to do.. Most of our servers are running legacy operating systems(old

Skipped content of type multipart/alternative