search for: uncompromising

As you may have noticed, cran.us.r-project.org has been down for a while due to a security incident. This is the same machine that carries the R source repository. The R sources appear to be uncompromised, but we have had to move developer logins and everything to another machine, with various configuration issues to sort out. The upshot is that there is currently no way of doing the automatic

Hi list, I do not known, if this is really an issue but i noticed that when connecting to a remote ssh host with the standard linux openssh client using a private key, that there is no line of text indicating when the local key-passwd process was completed and the connection session was established. On a compromised host, the login shell could write the line 'Enter passphrase for key

Asterisk Project Security Advisory - AST-2008-007 +------------------------------------------------------------------------+ | Product | Asterisk | |--------------------+---------------------------------------------------| | Summary | Asterisk installations using cryptographic keys | | | generated

I'm not really a developer, but was considering if there is a key vulnerability in geli given that when you change a key there isn't a disk update. Consider the scenario where a new file system is created and populated with some files. At a later time the original key is changed because someone has gained access to the key and passphrase. A new key is generated and attached, but none of

Hello, I'd like to propose an extension to the function summary.aov. In Splus (2000, I don't know about other versions), summary.aov allows a parameter ssType to be set to 1 or 3 (defaults to 1) to choose the type of Sums of Squares. I know I can get Type III SS in R with drop1(model), but including the functionality into summary.aov would, in my opinion, - yield a more usable table

I'm running 1.0.13 If I run dovecot for a while, I see a /var/run/dotvecot folder created with the following: drwxr-xr-x 3 root root 4096 2008-05-18 13:30 dotvecot drwxr-xr-x 3 root root 4096 2008-05-18 13:47 . drwxr-xr-x 18 root root 4096 2008-05-18 13:47 .. srw------- 1 root root 0 2008-05-18 13:47 auth-worker.15138 srwxrwxrwx 1 root root 0

...ngs are a bargain when you consider the benefits they provide to an enterprise, especially if you can absorb the cost over your organization's overall IT budget. [Thanks!] First, let me add my thanks to the development team and contributors for their countless hours of relentless efforts and uncompromising QA in (re)producing this enterprise-class OS. Well done! Were it not for CentOS; organizations like mine with extremely limited personnel, materiel, and financial resources would be much less productive or may have to shutdown altogether. With budgets getting ever-tighter it is even more critical t...

As halflife demonstrated in Phrack 50 with his linspy project, it is trivial to patch any system call under Linux from within a module. This means that once your system has been compromised at the root level, it is possible for an intruder to hide completely _without_ modifying any binaries or leaving any visible backdoors behind. Because such tools are likely to be in use within the hacker

George Brown sent this to my private Email address instead of to the list. Because I forwarded it, my addres is in the header. Roger. ----- Forwarded message from root ----- >From root@bull.bullnet.co.uk Mon Aug 24 16:20:29 1998 Received: from dutepp0.et.tudelft.nl by rosie.BitWizard.nl (fetchmail-4.2.9 POP3 run by wolff) for <wolff@localhost> (single-drop); Mon Aug 24

Woops... this didn't show up here but it did on BugTraq. Questions answered! -- Chuck Mead, CTO, MoonGroup Consulting, Inc. <http://moongroup.com> Mail problems? Send "s-u-b-s-c-r-i-b-e mailhelp" (no quotes and no hyphens) in the body of a message to mailhelp-request@moongroup.com. Public key available at: wwwkeys.us.pgp.net ----------