Displaying 20 results from an estimated 28 matches for "secteam".
2006 Aug 11
1
Ports/source dance
Hi,
On 8/10/06, Mark Bucciarelli <mark@gaiahost.coop> wrote:
>
>
> There's a scary security alert from yesterday out and no port
> update so I judged it to be isp-related. I looked for
> ports-security list but didn't see one.
>
>
You know, that might be a very good idea -- e.g. have a security team and
list for ports as we have one for the base distribution.
2009 Jan 15
2
[patch] libc Berkeley DB information leak
...of 0xa5 bytes directly from malloc(3). (See malloc(3) manual
page for the explanation for the "J" flag if you need more information.)
This has been reported as PR 123529
(http://www.freebsd.org/cgi/query-pr.cgi?pr=123529) which contains a
real information leak case. The PR is assigned to secteam and I have
also personally reported it to secteam but I haven't heard a word from
secteam members.
Code to initialize malloc'd memory exists, but the feature must be
enabled with the PURIFY macro. With the following patch applied,
the test program doesn't output 0xa5 bytes to the database file...
2009 Sep 15
3
FreeBSD bug grants local root access (FreeBSD 6.x)
Hi,
Any info on this subject on
http://www.theregister.co.uk/2009/09/14/freebsd_security_bug/
-- Frederique
2016 Aug 05
2
HEADS-UP: OpenSSH DSA keys are deprecated in 12.0 and 11.0
...the relevant commit, but upstream no
longer considers them secure. Please replace DSA keys with ECDSA or RSA
keys as soon as possible, otherwise there will be issues when upgrading
from 11.0-BETA4 to the subsequent 11.0 build, but most definitely the
11.0-RELEASE build.
Glen
On behalf of: re@ and secteam@
2007 Dec 12
2
Yikes! FreeBSD samba-3.0.26a_2, 1 is forbidden: "Remote Code Execution...
...=exact&query=remko>
Make Samba forbidden till Timur had the time to upgrade this, because
samba appears to be vulnerable to remote code execution which could harm
our users.
This will be removed after we have a safe version to which we can upgrade.
Hat: secteam
Discussed with and requested by: timur
============================================================================
Dang! When will this be fixed?
2008 Nov 24
5
FreeBSD Security Advisory FreeBSD-SA-08:11.arc4random
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=============================================================================
FreeBSD-SA-08.11.arc4random Security Advisory
The FreeBSD Project
Topic: arc4random(9) predictable sequence vulnerability
Category: core
Module: sys
Announced:
2008 Mar 06
2
DDOS problem from Bangkok, Thailand
Dear Security team,
I'm Kamolpat Pornatiwiwat, sys admin of DMaccess Co., Ltd. I've got a
problem: my FreeBSD 6.0 got DoS attacked. What should I do? At
present, I have decided to stop apache and leave only the mail feature
functioning. Any guide/recommendation/solution will be appreciated.
More detail about my server:
======================
FreeBSD 6.0
apache-1.3.34_4
php5-5.1.2_1
MySQL
2008 Jun 01
0
HEADS UP: Ports support for 5.X is no more
...they wish to continue to track the latest ports
tree.
A tag, RELEASE_5_EOL, has been laid down to mark the last point in the
ports tree that officially supported FreeBSD 5.X. Port Manager asks
that you not rush to remove 5.X support right away as we'd like a
settling-down period, and we want secteam to have a chance to make their
EOL announcements as well.
Marcus on behalf of portmgr
Bcc: ports, developers, portmgr
--
Joe Marcus Clarke
FreeBSD GNOME Team :: gnome@FreeBSD.org
FreeNode / #freebsd-gnome
http://www.FreeBSD.org/gnome
2009 Jul 08
1
rumours of openssh vulnerability
...we know more. As such, I can only
recommend that the standard advice be followed: Use a firewall to limit who can
access OpenSSH; and make sure that you are running a supported FreeBSD release.
If anyone has any concrete information concerning this, please contact the
FreeBSD security team at <secteam@FreeBSD.org>.
--
Colin Percival
Security Officer, FreeBSD | freebsd.org | The power to serve
Founder / author, Tarsnap | tarsnap.com | Online backups for the truly paranoid
2010 Jun 16
0
alleged freebsd local root exploit youtube video
...which is remotely conclusive in either direction. Given that
the producer of the video doesn't seem to know how to spell my name (one L,
not two!) I'm inclined to suspect the latter.
If the producer of the video has in fact discovered a FreeBSD vulnerability,
I would invite him to contact secteam@freebsd.org; he would get his name in
the Credits section of the resulting advisory.
Otherwise, I suggest that youtube videos of this nature be ignored.
--
Colin Percival
Security Officer, FreeBSD | freebsd.org | The power to serve
Founder / author, Tarsnap | tarsnap.com | Online backups for the...
2004 Apr 15
0
Testing redirection of security@FreeBSD.org
postmaster@ reports that <security@FreeBSD.org> is now an alias for
the secteam list.
--
Jacques Vidrine / nectar@celabo.org / jvidrine@verio.net / nectar@freebsd.org
2008 Feb 06
2
What about FreeBSD? - KAME Project "ipcomp6_input()" Denial of Service
TITLE:
KAME Project "ipcomp6_input()" Denial of Service
CRITICAL:
Moderately critical
IMPACT:
DoS
WHERE:
From remote
DESCRIPTION:
A vulnerability has been reported in the KAME Project, which can be
exploited by malicious people to cause a DoS (Denial of Service).
The vulnerability is caused due to an error within the
"ipcomp6_input()" function in
2004 Mar 05
2
Security Officer-supported branches update
...----------+-----------------|
|RELENG_5_2|5.2.1-RELEASE|July 31, 2004 |
+------------------------------------------+
Older releases are not maintained and users are strongly
encouraged to upgrade to one of the supported releases mentioned
above.
Colin Percival (wearing member-of-secteam hat)
2005 Mar 04
1
[Fwd: Re: FW:FreeBSD hiding security stuff]
...d there if I don't. For those not subscribed to -hackers:
Jonathan forwarded an email Theo wrote to openbsd-misc:
http://marc.theaimsgroup.com/?l=openbsd-misc&m=110993373705509&w=2 ]
Jonathan Weiss wrote:
> What's the intention behind the FreeBSD developers policy?
Quoting from secteam's TODO list for advisories:
1. Check if security officers need to be contacted at OpenBSD, NetBSD,
OS X, or DragonFlyBSD.
Yes, that's item #1 on our list. :-)
In this case, I wasn't sure if OpenBSD was affected, so I emailed Theo
asking for certain details which would allow me to mak...
2007 Aug 02
1
Fw: FreeBSD Security Advisory FreeBSD-SA-07:07.bind
> John Freeman wrote:
>
>> Same problem on AMD64 build. I'm too lazy to attach full text, this
>> system doesn't use bind and jail.
>
> What branch are you tracking?
>
> Doug
>
6.2 STABLE (RELENG_6 latest cvs) amd64
-
2004 Dec 27
4
Found security exploit in port phpBB 2.0.8 FreeBSD4.10
I think, there is a neat exploit in the phpbb2.0.8 because I found my home
page defaced one dark morning. The patch for phpBB is here.
http://www.phpbb.com/downloads.php
The excerpt of the log is attached.
I believe the link to the described exploit is here.
http://secunia.com/advisories/13239
The defacement braggen page is here filter to show the exploited FreeBSD
machines that aneurysm.inc
2007 Jun 06
2
security weakness
...lay for domains that
>you own and are authoritative for, deny the rest), ICMP PING is
>most likely (in my opinion) not the cause of your server being
>abused of spam mail relaying.
>
>Good luck resolving this issue!
>
>On Fri, June 1, 2007 5:23 pm, sam garcia wrote:
>> hello secteam: would like to report a security weakness spotted in a
>> security check by my broadband server tiscali.
>> security was prompted by inability to send new mails through tiscali mail
>> system, had to change password with them, caused by feedback from cantv.com,
>> it informed...
2007 Jan 30
1
What about BIND 9.3.4 in FreeBSD in base system ?
http://www.isc.org/sw/bind/view/?release=9.3.4
SECURITY ADVISORIES
* CVE-2006-4095
CERT Vulnerability Note VU#915404
NISCC 172003
* CVE-2006-4096
CERT Vulnerability Note VU#697164
NISCC 172003
* CAN-2005-0034
NISCC-UNIRAS 20050125-00059
CERT Vulnerability Note VU#938617
[ODiP] == Dmitry Grigorovich