search for: netsi

More patch-o-rama :-( ---Mike >From: Michal Zalewski <lcamtuf@dione.ids.pl> >To: bugtraq@securityfocus.com, <vulnwatch@securityfocus.com>, > <full-disclosure@netsys.com> >X-Nmymbofr: Nir Orb Buk >Subject: [Full-Disclosure] Sendmail 8.12.9 prescan bug (a new one) >[CAN-2003-0694] >Sender: full-disclosure-admin@lists.netsys.com >X-BeenThere:

Has anyone around here heard of this ? ---Mike >Subject: Re: [Full-Disclosure] new ssh exploit? >From: christopher neitzert <chris@neitzert.com> >Reply-To: chris@neitzert.com >To: full-disclosure@lists.netsys.com >X-Mailer: Ximian Evolution 1.4.3.99 >Sender: full-disclosure-admin@lists.netsys.com >X-BeenThere: full-disclosure@lists.netsys.com

Sorry for the cross post, but this is an important one potentially affecting all recipients. This just crossed the Full Disclosure mailman moderated mailing list. It bears a careful read, and thought about whether a response is needed. The implication is that if there is any use of a mailman password in common with a password you 'care' about, you need to take appropriate action at

You've probably already seen the latest sendmail vulnerability. http://lists.netsys.com/pipermail/full-disclosure/2003-September/010287.html I believe you can apply the following patch to any of the security branches: http://cvsweb.freebsd.org/src/contrib/sendmail/src/parseaddr.c.diff?r1=1.1.1.17&r2=1.1.1.18 Download the patch and: # cd /usr/src # patch -p1 < /path/to/patch #

You've probably already seen the latest sendmail vulnerability. http://lists.netsys.com/pipermail/full-disclosure/2003-September/010287.html I believe you can apply the following patch to any of the security branches: http://cvsweb.freebsd.org/src/contrib/sendmail/src/parseaddr.c.diff?r1=1.1.1.17&r2=1.1.1.18 Download the patch and: # cd /usr/src # patch -p1 < /path/to/patch #

http://bugzilla.mindrot.org/show_bug.cgi?id=617 Summary: /etc/services disregarded Product: Portable OpenSSH Version: 3.6.1p2 Platform: ix86 OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: openssh-bugs at mindrot.org ReportedBy: tiaan at netsys.co.za

I got a packet capture of one of the SSH2 sessions trying to log in as a couple of illegal usernames. The contents of one packet suggests an attempt to buffer overflow the SSH server; ethereal's SSH decoding says "overly large value". It didn't seem to work against my system (I see no strange processes running; all files changed in past ten days look normal). I am

Hi Everyone, http://vuxml.freebsd.org/c4b025bb-f05d-11d8-9837-000c41e2cdad.html A critical vulnerability was found in lukemftpd, which shipped with some FreeBSD versions (4.7 and later). However, with the exception of FreeBSD 4.7, lukemftpd was not built and installed by default. So, unless you are running FreeBSD 4.7-RELEASE or specified WANT_LUKEMFTP when building FreeBSD from source, you

Hi all, I'm having a small problem with browsing. I've got a network full of Windows (2000 and XP) machines and I've installed a Samba server in it. The server is configured to be Domain Master Browser (DMB), Local Master Browser (LMB) and WINS server for a workgroup. The Win machines are configured to use the WINS server. Name resolution works perfectly, but browsing

Forwarded message: > From full-disclosure-admin@lists.netsys.com Wed Apr 21 11:49:12 2004 > To: full-disclosure@lists.netsys.com > From: Darren Bounds <dbounds@intrusense.com> > Subject: [Full-Disclosure] IETF Draft - Fix for TCP vulnerability > Date: Tue, 20 Apr 2004 18:19:58 -0400 > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > >

Is there a way to send a message to all users currently logged into a Samba domain controller? The reason why I ask is that I have a Samba 3.x.x primary/backup domain controller setup and as soon as the system monitor detects that the primary domain controller is offline I would like to execute a command to send a domain wide message telling all domain users to save their work to the local

Using kernel 2.4.20 with the following patches ext3-scheduling-storm.patch ext3-use-after-free.patch sync_fs-fix-2.patch sync_fs-fix.patch sync_fs.patch Note: this problem started happening before applying the patches I have a small partition for / since I don't have much there. Filesystem 1k-blocks Used Available Use% Mounted on /dev/sda6 303344 98934

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-03:13.sendmail Security Advisory The FreeBSD Project Topic: a third sendmail header parsing buffer overflow Category: contrib Module:

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-03:13.sendmail Security Advisory The FreeBSD Project Topic: a third sendmail header parsing buffer overflow Category: contrib Module:

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-03:07.sendmail Security Advisory The FreeBSD Project Topic: a second sendmail header parsing buffer overflow Category: contrib Module:

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-03:07.sendmail Security Advisory The FreeBSD Project Topic: a second sendmail header parsing buffer overflow Category: contrib Module:

Hi, I am out of town and will get back to you on the 13th of July. Leo >>> "r-help at stat.math.ethz.ch" 06/27/03 00:32 >>> Send R-help mailing list submissions to r-help at stat.math.ethz.ch To subscribe or unsubscribe via the World Wide Web, visit https://www.stat.math.ethz.ch/mailman/listinfo/r-help or, via email, send a message with subject or body

Diese Nachricht wurde automatisch von einem Virenschutzprogramm erzeugt. Es wurde ein Virus in Ihrer Mail mit dem erw?hnten Subject vom Thu, 26 Jun 2003 13:03:32 --0400 an herold at med.uni-marburg.de gefunden. Ihre Nachricht wurde gel?scht und nicht weitergeleitet. Bitte l?sen Sie dieses Problem und versuchen Sie es erneut. This messages was automatically created by a virus-scanning program.

Hi everyone, I'm completely new to Asterisk and before I buy any card, I would like to ask for some information. 1. We'll be using analog PSTN phone lines. Is there anything that I should ask the telecom company before I buy the card? What I mean is whether the card will be compatible with the line? 2. What about the hardware on the PC? I will be using at least a Pentium 3 with a 600 or