Displaying 20 results from an estimated 28 matches for "seclists".
2012 Aug 01
5
[Full-disclosure] nvidia linux binary driver priv escalation exploit
Hi all!
I found this today on FD:
http://seclists.org/fulldisclosure/2012/Aug/4
2010 Sep 18
2
Ac1dB1tch3z Vs Linux Kernel x86_64 0day
Are there any 64bit CentOS5 kernels available that are immune against
the exploit mentioned in the subject? Turning off 32bit support is no
option to me..
Gerhard Schneider
P.S.: Source code can be found at
http://seclists.org/fulldisclosure/2010/Sep/268 and is working "well" on
2.6.18-194.11.3.el5.centos.plus
--
Gerhard Schneider
Institute of Lightweight Design and e-Mail: gs at ilsb.tuwien.ac.at
Structural Biomechanics (E317) Tel.: +43 664 60 588 3171
Vienna University of Technolo...
2005 Sep 27
2
Samba/Firewall issues?
....c:cli_connect(1313)
Error connecting to 130.xx.xx.xx (No route to host)
[2005/09/27 14:12:51, 1] libsmb/cliconnect.c:cli_connect(1313)
Error connecting to 130.xx.xx.xx (Connection refused)
[2005/09/27 14:23:04, 1] libsmb/cliconnect.c:cli_connect(1313)
A search turned up the following:
http://seclists.org/lists/bugtraq/2001/Mar/0285.html
----------------
Obviously, the netfilter nat code breaks nmap while using the -O flag
or using decoy options. The (sendto in send_tcp_raw: sendto....) error is
a symptom of this. It also breaks other packet shaping utilities such
as hping, etc., so this does...
2015 Aug 19
2
Converting HVM to PV kernel CentOS7
Thanks for the reply.
Sorry for the typo in the earlier mail.
I have PV-HVM of CentOS 7 & I need to convert it to PV kernel.
Basically here I am trying to see whether my PV_HVM kernel is vulnerable to
this issue given in the following link
http://seclists.org/oss-sec/2015/q3/212
In the above link, it was mentioned that the PV kernel is not vulnerable to
this bug, but HVM is. It didn't say anything about PV-HVM.
Can you please help me in this regard?
On Wed, Aug 19, 2015 at 10:43 AM, John R Pierce <pierce at hogranch.com> wrote:
> On...
2015 Aug 19
2
Converting HVM to PV kernel CentOS7
...reply.
>> Sorry for the typo in the earlier mail.
>> I have PV-HVM of CentOS 7 & I need to convert it to PV kernel.
>>
>> Basically here I am trying to see whether my PV_HVM kernel is vulnerable
>> to
>> this issue given in the following link
>> http://seclists.org/oss-sec/2015/q3/212
>>
>
>
> that is talking about a problem with QEMU and emulated cdroms, and as far
> as I can tell, the bug is in the qemu emulator, not in the VM's. it
> merely states that if you only use PV VM's you won't trigger the bug, but
> the co...
2008 Jul 09
2
loginmsg bug
Cf. http://seclists.org/fulldisclosure/2008/Jul/0090.html
This Mrdkaaa character claims to have exploited this, but does not say
how.
The issue is that if do_pam_account() fails, do_authloop() will call
packet_disconnect() with loginmsg as the format string (classic
printf(foo) instead of printf("%s", foo)...
2004 Jun 07
2
"Destructive" utilities
The following threads suggest that the way to reclaim memory occupied by
initramfs is to remove files from it:
http://groups.google.com/groups?hl=en&lr=&ie=UTF-8&frame=right&th=c6cb846bba1a7aea&seekm=SAUO.51B.21%40gated-at.bofh.it#link1
http://seclists.org/lists/linux-kernel/2003/Dec/0707.html
However, there is no way to do it using utilities provided by klibs.
Could you please include the "unlink" and "rmdir" programs into the
distribution? Just put the attached *.c files in klibc/utils and adjust
the PROGS target in the...
2016 Jul 19
2
Openssh use enumeration
Hi, sorry I don't know if I send this to the correct channel.
I have noticed that OpenSSH has recognized the presence of the user
enumeration as a vulnerability,
http://seclists.org/fulldisclosure/2016/Jul/51 (CVE-2016-6210).
I want to make an appreciation, this is an old vulnerability
already announced three years ago.
https://blog.curesec.com/article/blog/OpenSSH-User-Enumeration-Time-Based-Attack-20.html
http://seclists.org/fulldisclosure/2013/Jul/88
http://www.behi...
2018 Sep 06
1
cran-r debian readme used to include security flaw
...ack (
https://web.archive.org/web/20170702124141/https://cran.r-project.org/bin/linux/ubuntu/README.html
) and had this in my Dockerfile:
sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys E084DAB9
Which was only a 32 bit GPG key. Someone recently got around to exploiting
this:
https://seclists.org/oss-sec/2018/q3/174
You can see in his description that `Totally Legit Signing Key <mallory ()
example org>` is listed as proof of the exploit.
Now if you go to:
https://cran.r-project.org/bin/linux/ubuntu/README.html
now the line has since been changed to use a 64 bit GPG key:
sudo a...
2006 Feb 14
11
[Bug 449] [patch] mount-point+inode ipt_owner patch (created 18 months ago)
https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=449
------- Additional Comments From lkcl@lkcl.net 2006-02-14 19:19 MET -------
Created an attachment (id=212)
--> (https://bugzilla.netfilter.org/bugzilla/attachment.cgi?id=212&action=view)
patch to ipt_owner.c for "mountpoint+inode" functionality
2014 Jun 17
1
Bug#751894: xen: CVE-2014-4021 / XSA-100
Package: xen
Version: 4.0.1-5.11
Severity: important
Tags: security, fixed-upstream
Please see for details: http://www.openwall.com/lists/oss-security/2014/06/17/6
Patch: http://seclists.org/oss-sec/2014/q2/att-549/xsa100.patch
---
Henri Salo
2015 Aug 19
2
Converting HVM to PV kernel CentOS7
Hi,
I have installed CentOS 7 HVM kernel. I would like to convert it to CentOS
7 PV kernel.
When googled about it, I found that this can be done by following commands
yum install xen or yum install kernel-xen
But, when I tried the below commands, I am getting the error *"No package
kernel-xen available.**"*
What am I missing here? Any help is much appreciated.
--
Thanks &
2015 Aug 19
0
Converting HVM to PV kernel CentOS7
...Dokku wrote:
> Thanks for the reply.
> Sorry for the typo in the earlier mail.
> I have PV-HVM of CentOS 7 & I need to convert it to PV kernel.
>
> Basically here I am trying to see whether my PV_HVM kernel is vulnerable to
> this issue given in the following link
> http://seclists.org/oss-sec/2015/q3/212
that is talking about a problem with QEMU and emulated cdroms, and as
far as I can tell, the bug is in the qemu emulator, not in the VM's.
it merely states that if you only use PV VM's you won't trigger the bug,
but the correct fix is to update your QEMU s...
2015 Aug 19
0
Converting HVM to PV kernel CentOS7
...typo in the earlier mail.
> >> I have PV-HVM of CentOS 7 & I need to convert it to PV kernel.
> >>
> >> Basically here I am trying to see whether my PV_HVM kernel is vulnerable
> >> to
> >> this issue given in the following link
> >> http://seclists.org/oss-sec/2015/q3/212
> >>
> >
> >
> > that is talking about a problem with QEMU and emulated cdroms, and as far
> > as I can tell, the bug is in the qemu emulator, not in the VM's. it
> > merely states that if you only use PV VM's you won't tr...
2019 Dec 06
0
VPN connections subject to hijack attack
...default CentOS setting is strict filtering
but you may have changed this to loose for some unusual routing situations.
Check that the value of /proc/sys/net/ipv4/conf/all/rp_filter is still set
to 1. If it's set to 2 (loose filtering), you're vulnerable.
Technical details:
<https://seclists.org/oss-sec/2019/q4/122>
According to the report, systemd changed the default to 2 in November 2018
so many distros are vulnerable.
Here's Red Hat's explanation of why you might want to use a value of 2.
"When RHEL has multiple IPs configured, only one is reachable from a remote...
2011 Apr 01
0
on "BSD derived RFC3173 IPComp encapsulation will expand arbitrarily nested payload"
Hi,
as some IPSec users might be worried about the
"BSD derived RFC3173 IPComp encapsulation will expand arbitrarily
nested payload" from http://seclists.org/fulldisclosure/2011/Apr/0 ,
here's some braindump:
To be affected it's believed that you need to
1) manually compile in IPSEC (not done in GENERIC or the release),
2) have an entry for ipcomp in your security associations.
You may also want to check what you negotiate with truste...
2005 Oct 18
1
grubby??
Hi All,
After a recent update the following message was returned by cron:
Subject: Cron <root at XXXXX> run-parts /etc/cron.daily
X-Cron-Env: <SHELL=/bin/bash>
X-Cron-Env: <PATH=/sbin:/bin:/usr/sbin:/usr/bin>
X-Cron-Env: <MAILTO=root>
X-Cron-Env: <HOME=/>
X-Cron-Env: <LOGNAME=root>
X-Cron-Env: <USER=root>
/etc/cron.daily/yum.cron:
warning:
2005 Oct 25
1
Server without keyboard
I'm trying to set up a small machine as a server using a Via EPIA SP 8000E
mini ITX motherboard. It's got a fanless Eden processor and I'm using a SATA
hard drive. The CD drive is removed, as I only wanted it to install CentOS
and don't anticipate needing it again.
My problem is running this machine with CentOS without the keyboard. I've set
the BIOS to ignore keyboard
2011 Dec 22
0
[PATCH] Security: Mitigate possible privilege escalation via SG_IO ioctl (CVE-2011-4127, RHBZ#757071)
From: "Richard W.M. Jones" <rjones at redhat.com>
CVE-2011-4127 is a serious qemu & kernel privilege escalation bug
found by Paolo Bonzini.
http://seclists.org/oss-sec/2011/q4/536
An untrusted guest kernel is able to issue special SG_IO ioctls on
virtio devices which qemu passes through to the host kernel without
filtering or sanitizing. These ioctls allow raw sectors from the
underlying host device to be read and written. Significantly, neither
qe...
2015 Apr 14
0
[ANNOUNCE] X.Org Security Advisory: Buffer overflow in MakeBigReq macro
...99.901 (1.6 RC1) and later releases fixed
an issue which may be exploitable when X clients are rendering untrusted
content, such as in web browsers.
Mitre has thus issued CVE-2013-7439 for tracking this vulnerability.
Further discussion is available in the oss-security thread starting at
http://seclists.org/oss-sec/2015/q2/73 .
Note that as this affects a macro in a header file, all software using this
macro will need to be recompiled for the fix to take effect. Since the
Xlibint.h header provides access to the internals of libX11, it should
not be directly accessed by most clients, but nearly a...