search for: nlspath

...ng libc, and statically linked binaries. To protect yourself against remote attacks, you could for example change the variable name to something different, with a hex editor (like /usr/bin/bpe), in /lib/libc.so.5, and ensure the exploit stopped working. Of course, this is only a temporary fix. --- nlspath.c --- /* * NLSPATH buffer overflow exploit for Linux, tested on Slackware 3.1 * Copyright (c) 1997 by Solar Designer */ #include <stdio.h> #include <stdlib.h> #include <unistd.h> char *shellcode = "\x31\xc0\xb0\x31\xcd\x80\x93\x31\xc0\xb0\x17\xcd\x80\x68\x59\x58\xff\x...

..."C"; + if ((lang = (char *) __libc_secure_getenv ("LANG")) == NULL) lang = "C"; #else /* Query the locale from the previous setlocale call in msgcat-libc.c*/ if ((lang = (char *) setlocale(LC_MESSAGES,(char *) NULL)) == NULL) lang="C"; #endif - if ((nlspath = (char *) getenv ("NLSPATH")) == NULL) { + if ((nlspath = (char *) __libc_secure_getenv ("NLSPATH")) == NULL) { #if OLD_NLS_PATHS nlspath = "/nlslib/%L/%N.cat:/nlslib/%N/%L"; #else @@ -187,6 +189,7 @@ ++nlspath; strcpy(pathP, lang); pat...

.../usr2/ncvs//src/lib/libc/nls/msgcat.c,v retrieving revision 1.21 retrieving revision 1.27 diff -u -r1.21 -r1.27 --- nls/msgcat.c 2000/01/27 23:06:33 1.21 +++ nls/msgcat.c 2000/09/01 11:56:31 1.27 @@ -91,8 +91,9 @@ __const char *catpath = NULL; char *nlspath; char *lang; - long len; char *base, *cptr, *pathP; + int spcleft; + long len; struct stat sbuf; if (!name || !*name) { @@ -106,10 +107,10 @@ } else { if (type == NL_CAT_LOCALE) lang = setlocale(LC_MESSAGES, N...

Here are my preliminary tests: 5.2.18 is vulnerable (stock Redhat 3.0.3) 5.3.12 does not appear vulnerable (stock Redhat 4.0, I think) Dave G. <daveg@escape.com> http://www.escape.com/~daveg

On Tue, 12 May 1998, Andi Kleen wrote on BUGTRAQ: > I assumed the libc would ignore NLSPATH when the app runs suid (similar > like it does with LD_LIBRARY_PATH etc.). If it doesn''t that is a bad bug. > > [... clickety click ... ] > > At least glibc 2.1 uses __secure_getenv() for NLSPATH. Don''t know about 2.0, > separate GNU gettext, or libc5. I have...

I''m trying to install CiscoWorks 2.5 on Solaris 10 update 1, and after the install when I try to start the daemon, it errors: # /opt/CSCOpx/objects/dmgt/dmgtd.sol ERROR: open file dmgtd failedERROR >>>>>>>>>>>>> open msg catalog failed. NLSPATH incorrect or objects/share/nls/C/dmgtd.cat is missing. # echo $NLSPATH /opt/CSCOpx/objects/share/nls/C/dmgtd.cat NLSPATH is set correctly, and ldd finds all the libraries. Here''s the end of truss output where it errors: 17671: close(3) = 0 17671:...

...ail/$USER" HISTCONTROL=ignoredups HOSTNAME=`/bin/hostname` HISTSIZE=1000 if [ -z "$INPUTRC" -a ! -f "$HOME/.inputrc" ]; then INPUTRC=/etc/inputrc fi # some old programs still use it (eg: "man"), and it is also # required for level1 compliance for LI18NUX2000 NLSPATH=/usr/share/locale/%l/%N export PATH PS1 USER LOGNAME MAIL HOSTNAME INPUTRC NLSPATH export HISTCONTROL HISTSIZE for i in /etc/profile.d/*.sh ; do if [ -x $i ]; then . $i fi done unset I ------------------------------------------------------------------------- Do I just type it i...

This was posted not too long ago on sci.crypt... Enjoy... I think the most relevant information is near the top, but it''s all quite good... :-) -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- There is no intrinsic difference between algorithm and data, the same information can be viewed as data in one context and as algorithm in another. Why then do so many people claim that encryption algorithms

...l/packages/SUNWspro/prod/lib/v9/libsunperf.a(pp_sgemm.o) ld: fatal: Symbol referencing errors. No output written to conftest Problem is the v9 version seems to require stack_grow(); the xlic_lib=sunperf does the extra linking work required: fs% cc -xarch=v9 sgemm.c -xlic_lib=sunperf -# ### Note: NLSPATH = /usr/local/bin/../packages/SUNWspro/bin/../prod/bin/../lib/locale/%L/LC_MESSAGE S/%N.cat:/usr/local/bin/../packages/SUNWspro/bin/../prod/bin/../../lib/locale/% L/LC_MESSAGES/%N.cat ### command line files and options (expanded): ### -xarch=v9 sgemm.c -xlic_lib=sunperf /usr/local/bin/../package...

[TOP lINE: is there a linux program that will tell me where all the installed files went?] Hi all....great to be here... i''m pretty relentless yet very new to RoR and fairly new to Linux [went with ubuntu 7.10 for the time being - learing pure Deb and/or Slack/BDS for the future] anyhooo.. So... Coming from my highly understood XP install [frankly it feels yuk these days] i''m

...:*.rpm=01;31:*.jpg=01;35:*.jpeg=01;35:*.gif=01;35:*.bmp=01;35:*.xbm=01;35:*.xpm=01;35:*.png=01;35:*.tif=01;35:*.tiff=01;35:' LS_OPTIONS='-F --color=auto' LTDL_LIBRARY_PATH=/usr/lib MACHTYPE=i586-mandrake-linux-gnu MAIL=/var/spool/mail/jussij MAILCHECK=60 META_CLASS=PowerPack NLSPATH=/usr/share/locale/%l/%N OPTERR=1 OPTIND=1 OSTYPE=linux-gnu PATH=/usr/X11R6/bin:/usr/local/bin:/bin:/usr/bin:/usr/X11R6/bin:/usr/games PIPESTATUS=([0]="1") PPID=890 PREVLEVEL=N PS1='[\u@\h \W]\$ ' PS2='> ' PS4='+ ' PWD=/home/jussij QT_XFT=...

I was discussing with Don about a private topic..and while skimming the code I noticed that during a 'ssh mouring at site ls' the /etc/environment is *ONLY* read if the remote machine is an AIX box. This is undocumented and I'm wondering if someone using AIX could explain WHY it exists in the session.c:do_child()? No other OS has this. I don't see why AIX should require it.

configure fails with : configure: error: Unsupported off_t type I am not too sure what off_t is needed but this is a pretty standard thing. My configure line : ./configure --build=i386-pc-solaris2.10 --host=i386-pc-solaris2.10 --prefix=/opt/csw --with-zlib --with-ssl=openssl --with-storages=mbox,maildir --with-libiconv-prefix=/opt/csw Yes, the openssl libs are in /opt/csw/lib Not sure what

.../sysdata.rda","../../../library/tools/R") Error: Line starting 'Package: tools ...' is malformed! Details: root at x065:[/data/prj/cran/64/R-3.2.3/src/library/tools]export | egrep "PATH|HOME" HOME=/ LIBPATH=/data/prj/cran/64/R/lib:/opt/lib LOCPATH=/usr/lib/nls/loc NLSPATH=/usr/lib/nls/msg/%L/%N:/usr/lib/nls/msg/%L/%N.cat PATH=/opt/bin:/usr/bin:/etc:/usr/sbin:/usr/ucb:/usr/bin/X11:/sbin:/usr/java14/jre/bin:/usr/java14/bin:/usr/vacpp/bin: R_HOME=/data/prj/cran/64/R root at x065:[/data/prj/cran/64/R-3.2.3/src/library/tools]/data/prj/cran/64/R-3.2.3/bin/exec/R R versi...

Attached is the very verbose ssh output. Just to be perverse, this time two nodes lost connectivity. The only thing I see is lines saying that the two connections are lost, although being honest I have no idea what everything else means. For reference, 8 ssh cinnections were being made at the same time for a 8x8mpi task. N.B., since the OS I am using does not have rsh, I am currently using the

...red env USER debug3: Ignored env LS_COLORS debug3: Ignored env LD_LIBRARY_PATH debug3: Ignored env CPATH debug3: Ignored env SSH_AUTH_SOCK debug3: Ignored env GNOME_KEYRING_SOCKET debug3: Ignored env COBBLER_SERVER debug3: Ignored env USERNAME debug3: Ignored env SESSION_MANAGER debug3: Ignored env NLSPATH debug3: Ignored env PATH debug3: Ignored env DESKTOP_SESSION debug3: Ignored env MAIL debug3: Ignored env QT_IM_MODULE debug3: Ignored env PWD debug1: Sending env XMODIFIERS = @im=none debug2: channel 0: request env confirm 0 debug3: Ignored env GDM_KEYBOARD_LAYOUT debug3: Ignored env KDE_IS_PRELIN...

Hope I am not sounding too much like a broken record - as far as 64-bit build on AIX is concerned. ** Short - 32-bit builds complete normally, 64-bit builds stop at "installing 'sysdata.rda'" with message: Error: Line starting 'Package: tools ...' is malformed! Execution halted *** Longer... I could file a bug - Importance, showstopper - but I would prefer to better

Hi, If I enable "UseLogin" under AIX, I get the following message upon login: /dev/pts/2: 3004-004 You must "exec" login from the lowest login shell. The manpage states: "In order to preserve the integrity of the system, only one session at a time is allowed to be logged in to a port. This means that the login command entered from the shell prompt cannot succeed,

https://bugzilla.samba.org/show_bug.cgi?id=7625 Summary: "Don't know how to make ./*.c" Product: rsync Version: 3.0.7 Platform: s390 OS/Version: Other Status: NEW Severity: normal Priority: P3 Component: core AssignedTo: wayned at samba.org ReportedBy: sebastian.hoffman at

...s/public/gnu/sun5.6/lib/gcc-lib/sparc-sun-solaris2.6/2.8.1/ LD_LIBRARY_PATH= /usr/openwin/lib:/home/res/mose/mr/oai/lib MENU= /home/res/public/MENU WINDOWID= 71303222 TERMINAL_EMULATOR= dtterm PWD= /home/res4/gilp/R-versions/R-0.63 WINDOW_TERMIOS = TERMCAP= sun-cmd:te=\E[>4h:ti=\E[>4l:tc=sun: NLSPATH= /usr/ccs/bin/../lib/locale/%L/LC_MESSAGES/%N.cat:/usr/ccs/bin/../lib/locale/C/LC_MESSAGES/%N.cat:/usr/ccs/bin/../../lib/locale/%L/LC_MESSAGES/%N.cat:/usr/ccs/bin/../../lib/locale/C/LC_MESSAGES/%N.cat VIRTUAL_ROOT= / MFLAGS= -dd MAKEFLAGS= -dd stat(Makefile) doname(Makefile) Looking for % rule fo...