Displaying 20 results from an estimated 27 matches for "netkit".
2001 Aug 13
0
Security Update: [CSSA-2001-30.0] Linux - Telnet AYT remote exploit
...ate: 2001, August 10
Cross reference:
______________________________________________________________________________
1. Problem Description
Recently, a security problem was discovered in various BSD derived
implementations of the telnet daemon. Initially, it was thought that
the Linux netkit-telnet was not vulnerable to this problem. It turne
out that this was wrong.
On OpenLinux previous to version 3.1, this bug allows remote attackers
to gain root privilege.
Starting with OpenLinux 3.1, the telnet daemon is split into
two processes, a privileged one running the login...
2002 Jul 12
4
tftp-hpa 0.28, 0.29 interoperability problem
Hi,
I have a tftp client which loads quite happily from a tftpd built
from netkit-tftp-0.16 but which fails to load from from a tftpd built
from tftp-hpa 0.29. In both cases, tftpd was built from pristine
sources and run from xinetd under Redhat 7.3.
[netkit-tftp-0.16 is the ancestor of tftp-hpa, predating HPA's
maintenance of same]
[the tftp client also..
.. fails with th...
1999 Aug 19
1
[RHSA-1999:029-01] Denial of service attack in in.telnetd
...ed in in.telnetd.
2. Bug IDs fixed (http://developer.redhat.com/bugzilla/):
4560
3. Relevant releases/architectures:
Red Hat Linux 4.2, 5.2, 6.0, all architectures
4. Obsoleted by:
5. Conflicts with:
6. RPMs required:
Red Hat Linux 4.2:
Intel:
ftp://ftp.redhat.com/redhat/updates/4.2/i386/NetKit-B-0.09-11.i386.rpm
Alpha:
ftp://ftp.redhat.com/redhat/updates/4.2/alpha/NetKit-B-0.09-11.alpha.rpm
Sparc:
ftp://ftp.redhat.com/redhat/updates/4.2/sparc/NetKit-B-0.09-11.sparc.rpm
Source packages:
ftp://ftp.redhat.com/redhat/updates/4.2/SRPMS/NetKit-B-0.09-11.src.rpm
Red Hat Linux 5.2:
In...
1997 Jan 12
9
dos-attack on inetd.
Hi.
I don''t know if this one is known, but I can''t recall seeing anything
about it. If it is old news I apologize.
I discovered a bug in the inetd that comes with NetKit-B-0-08 and older.
If a single SYN is sent to port 13 of the server, inetd will die of Broken
Pipe:
write(3, "Sun Jan 12 21:50:35 1997\r\n", 26) = -1 EPIPE (Broken pipe)
--- SIGPIPE (Broken pipe) ---
I am no C-guru but I think this patch to inetd would fix it without adding
any other pr...
2008 Aug 01
2
Cisco 7970, CTLSEP<mac>.tlv
...and Googleable. Hopefully
it will save other people a bit of time.
If you have a Cisco phone (I was testing with a 7970, though presumably it would
affect 7960 and others as well) that is looping trying to fetch the CTL tlv file
- it may be because you are using Debians 'tftpd' (should be
netkit-tftpd...*cough*hey, Debian developers*cough*) package, which is
apparently not RFC 783 (tftp) compliant with "file not found" responses. The
whopping 18 page RFC states that Error Code should be 0x00,0x01 for "file not
found" errors, but netkit-tftpd returns 0x00,0x00 which is...
1996 Nov 25
0
LSF Update#14 v1.2 "lpr vulnerability"
...fferent distributions use different version
numbering schemes for the same utilities. At this moment, a lpr
utility exists in at least the following packages:
Berkeley-derived lpr 5.9
lpr.c identifies itself between 1.1 and 1.4
This lpr is vulnerable.
Berkeley-derived lpr 5.9, a part of a NetKit 0.6B (separate package)
Utilities/System%package lpr
name: NetKit-B version: 0.06
Description: Printing support (lpr, lpd, etc)
Depending on the release, this version of lpr can be
vulnerable.
Berkeley-derived lpr 5.9, based on a part of NetKit 0.6B
Depending on the release, can...
1998 Jun 08
27
Services not required?
...ystems here
as possible as to available ports. I am down to only a handful
but am not sure how much of a security risk they pose and was
wondering if anyone here might be able to comment, or suggest
secure versions to run:
21/FTP (WU-ftpd v2.4.2 BETA 14)
22/SSH (1.22)
23/TELNET (Netkit 0.09)
25/SMTP (Sendmail v8.8.7)
49/TACACS (TACACS_Plus v4.0.2 BETA/Cisco)
53/DNS (BIND v8.1.2)
80/HTTP (Apache v1.2.6 - upgrading to v1.3.0)
110/POP3 (Katie Steven''s v1.016)
111/RPC (Netkit 0.09)
113/IDENTD (????)
669/MOUNTD (RPC/Linux Userspace NFS...
2000 May 19
0
Re: [Security - intern] Re: ssh and chroot...
...with
Please take care here. Some telnetd versions use a non-secure way to alter
their **argv to reflect the host which is connected to them.
A maliciously formated hostname/DNS entry could be used to overwrite the
value of the -L option to bypass the usersupplied login program.
The maintainer of netkit has fixed it, AFAIK.
So, it's wiser to update to the most recent version of netkit.
Bye,
Thomas
--
Thomas Biege, SuSE GmbH, Schanzaeckerstr. 10, 90443 Nuernberg
E@mail: thomas@suse.de Function: Security Support & Auditing
"lynx -source http://www.suse.de/~thomas/thomas...
1997 Mar 22
2
"Secure" tftpd source for Linux?
I''ve been poking around my system, and realized that having a tftp server
would be handy. (I''m working with cisco routers, which have the capability to
up and download configuration images via tftp.)
However, I''m not content with the usual tftpd that comes with Linux. The
whole "specify each directory you want" scheme is cock-eyed to me. I''d
prefer
2012 Dec 04
3
Print properties are not saved
...et A4 page format.
I'd be willing to make some more trials but I'm running out of ideas...
thanks in advance
sandro
*:-)
[1] https://bugzilla.samba.org/show_bug.cgi?id=6727
[2] http://www.samba.org/samba/docs/man/Samba-Guide/happy.html#id2582657
[3] http://www.reteisi.org/allegati/netkit/stampanti/README.html
--
Sandro Dentella *:-)
http://www.reteisi.org Soluzioni libere per le scuole
http://sqlkit.argolinux.org SQLkit home page - PyGTK/python/sqlalchemy
1997 Jan 29
5
evidence/timelines that show linux is "more secure"
I''m looking for some evidence, backup up with dates and references,
that shows that the Linux community responds to security problems
more quickly than other OS vendors, and thus might be considered
"more secure". A number of fairly high profile corporations are
starting to look for such information as they consider Linux as an
alternative solution to other UNIXes.
Something
1996 Nov 22
0
LSF Update#14: Vulnerability of the lpr program.
...pr-0.12-1.axp.rpm
c04359e61cd16108ce5793aa388f206f lpr-0.12-1.sparc.rpm
Caldera Network Desktop
Caldera Network Desktop version 1.0 contains a
vulnerable lpr program.
The replacement RPMS are available from the
following URLs:
ftp://ftp.caldera.com/pub/cnd-1.0/updates/NetKit-B-lpr-0.06-4c2.i386.rpm
ftp://bach.cis.temple.edu/pub/Linux/Security/DISTRIBUTION-FIXES/CND/NetKit-B-lpr-0.06-4c2.i386.rpm
WARNING: We are unable to provide the MD5
fingerprint for the replacement kit from Caldea as
it was not provided to us.
Debian
Debian/GNU Linux 1.1 does not us...
1996 Nov 21
2
Re: BOUNCE: Re: Chattr +i and securelevel
...r-0.12-1.axp.rpm
c04359e61cd16108ce5793aa388f206f lpr-0.12-1.sparc.rpm
Caldera Network Desktop
Caldera Network Desktop version 1.0 contains a
vulnerable lpr program.
The replacement RPMS are available from the
following URLs:
ftp://ftp.caldera.com/pub/cnd-1.0/updates/NetKit-B-lpr-0.06-4c2.i386.rpm
ftp://bach.cis.temple.edu/pub/Linux/Security/DISTRIBUTION-FIXES/CND/NetKit-B-lpr-0.06-4c2.i386.rpm
WARNING: We are unable to provide the MD5
fingerprint for the replacement kit from Caldea as
it was not provided to us.
Debian
Debian/GNU Linux 1.1 does not u...
2005 Mar 14
1
colinux fresh install, zaptel does not compile, size_t error
...5.4-4
Descriptions of common terminal types
ii ncurses-bin 5.4-4
Terminal-related programs and man pages
ii net-tools 1.60-10
The NET-3 networking toolkit
ii netbase 4.17
Basic TCP/IP networking system
ii netkit-inetd 0.10-9
The Internet Superserver
ii netkit-ping 0.10-9
The ping utility from netkit
ii nvi 1.79-21
4.4BSD re-implementation of vi
ii passwd 4.0.3-28.4
Change and administer passwo...
1999 Nov 09
0
Nasty ping with pattern '+++ATH0' - how to stop?
...diagnosing data-dependent
problems in a network, so better solution is to log usings of ping -p
option.
This little patch (in attachment) will enable logging via syslogd(8).
Messages are logged with 'warrning' priority, and consist of PID, UID,
pattern, and pinged target. Patch is made for netkit-base-0.10, a part of
Slackware, and other distributions too.
Sincerely,
Bosko
[mod: Logging at the ISP will not help people who have a decent
machine/modem from pinging others. People who are annoyed by others
shutting down their link can specify "escape 41 61" to have ppp escape
all A&...
1997 Jan 18
0
write(1) leak
Some versions (the util-linux version, but not the netwrite or netkit
versions) of /usr/bin/write have a buffer overrun problem that is
almost certainly exploitable. Note that this gives access to the tty
group, but not (directly) root.
The fix is to change the two sprintfs to snprintfs. Patches have been
mailed to the maintainer.
--
- David A. Holland...
1997 Jan 20
0
Re: write(1) security problem
> Some versions (the util-linux version, but not the netwrite or netkit
> versions) of /usr/bin/write have a buffer overrun problem that is
> almost certainly exploitable. Note that this gives access to the tty
> group, but not (directly) root.
>
> The fix is to change the two sprintfs to snprintfs. Patches have been
> mailed to the maintainer.
While...
2000 Aug 27
0
patch for TIS (skey/opie) *and* passwd auth via PAM
...build-stamp:
dh_testdir
- ./configure --prefix='' --exec_prefix='$${prefix}/usr' --sysconfdir='$${prefix}/etc/ssh' --libexecdir='$${exec_prefix}/lib' --mandir='$${prefix}/usr/share/man' --with-tcp-wrappers --with-xauth=/usr/bin/X11/xauth --with-rsh=/usr/bin/netkit-rsh
- $(MAKE) OPT_FLAGS='-DLOGIN_PROGRAM=\"/bin/login\" -DSSHD_PAM_SERVICE=\"ssh\" -DFORWARD_AGENT_DEFAULT=0 -DFALLBACKTORSH_DEFAULT=0' ASKPASS_PROGRAM='/usr/bin/ssh-askpass'
+ ./configure --prefix='' --exec_prefix='$${prefix}/usr' --sysconfdir=...
2010 Jun 14
5
cooked mode sessions
Picking up on a couple really old threads (e.g.
http://osdir.com/ml/ietf.secsh/2001-09/msg00003.html ) I've finally gotten
around to this. The EXTPROC support on Linux is missing, but you can find
kernel patches for that here
http://lkml.org/lkml/2010/6/11/403
I've also fixed up the netkit telnet / telnetd code to work with EXTPROC /
LINEMODE on Linux, those patches are here
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=585527
These ssh patches are still not even half-baked, just a proof of concept to
get feedback and guidance on what the right approach actually is. To get an...
2023 Apr 03
1
pxelinux takes too long trying all the config file options
On Mon, Apr 03, 2023 at 12:52:41PM -0400, Rob Roschewsk via Syslinux wrote:
> Hi All,
>
> I have a situation where I want to netboot and ONLY use pxelinux.cfg/default.
>
> It seems to take FOREVER for pxelinux to try all of the config file
> file options before falling through to default .... trying each
> possible combination multiple times ... increasing the wait time
>