search for: vdanen

...ink it could be invaluable. Or, if there are no plans, does anyone have any ideas how I could implement something like this? Thanks very much in advance. -- MandrakeSoft Security; http://www.mandrakesecure.net/ Online Security Resource Book; http://linsec.ca/ "lynx -source http://linsec.ca/vdanen.asc | gpg --import" {FE6F2AFD : 88D8 0D23 8D4B 3407 5BD7 66F9 2043 D0E5 FE6F 2AFD} -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 186 bytes Desc: not available Url : http://lists.mindrot.org/pipermail/ope...

...y/draft-ietf-secsh-publickey- subsystem.txt The idea of it sounds interesting, but I would really like to know if they have approached anyone regarding having it included in openssh proper. Thanks. -- MandrakeSoft Security; http://www.mandrakesecure.net/ "lynx - source http://linsec.ca/vdanen.asc | gpg --import" {FE6F2AFD: 88D8 0D23 8D4B 3407 5BD7 66F9 2043 D0E5 FE6F 2AFD} -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 186 bytes Desc: not available Url : http://lists.mindrot.org/pipermail/opens...

Hello. Installed OpenSSL-0.98 I cannot collect new OpenSSH-4.2p1 at assembly there is a mistake: if test ! -z ""; then \ /usr/bin/perl5 ./fixprogs ssh_prng_cmds ; \ fi (cd openbsd-compat && make) make[1]: Entering directory `/home/pkg/openssh-4.2p1/openbsd-compat' make[1]: ???? `all' ?? ??????? ?????????? ??????. make[1]: Leaving directory

...) by lists.redhat.com with SMTP; 1 Aug 2000 18:02:27 -0000 Received: from devel.danen.net (root@dsl-ldy-209-115-163-i66-edm.nucleus.com [209.115.163.66]) by mail.redhat.com (8.8.7/8.8.7) with ESMTP id OAA02155 for <linux-security@redhat.com>; Tue, 1 Aug 2000 14:02:25 -0400 Received: (from vdanen@localhost) by devel.danen.net (8.10.1/8.10.1) id e71G18x01657; Tue, 1 Aug 2000 12:01:08 -0400 X-Authentication-Warning: devel.danen.net: vdanen set sender to security@linux-mandrake.com using -f Date: Tue, 1 Aug 2000 12:01:08 -0400 From: Linux Mandrake Security Team <security@linux-mandrake.co...

=================================================================== "Birthdays are nature's way of telling us to eat more cake." Source Unknown ================================================================== Release Announcements ===================== This is the latest stable release of Samba 3.5. Major enhancements in Samba 3.5.11 include: o Fix access to

=================================================================== "Birthdays are nature's way of telling us to eat more cake." Source Unknown ================================================================== Release Announcements ===================== This is the latest stable release of Samba 3.5. Major enhancements in Samba 3.5.11 include: o Fix access to

...fered the password prompt but even with the right password can't get in (sshd logs "PAM: Authentication Failure). Can the same not be done with the "without-password" option? Thanks. -- OpenSLS - Secure Linux Server: http://opensls.org/ "lynx -source http://linsec.ca/vdanen.asc | gpg --import" {FE6F2AFD : 88D8 0D23 8D4B 3407 5BD7 66F9 2043 D0E5 FE6F 2AFD} -------------- next part -------------- A non-text attachment was scrubbed... Name: PGP.sig Type: application/pgp-signature Size: 186 bytes Desc: This is a digitally signed message part Url : http://lists.mindr...

Greetings all. I usually don't get involved in the mailing lists unless it is of a major importance. Here is a new problem that came up with the 3.3.p1 version, which I already reported to the Mandrake Developers on their RPM build. Basically, it boils down to this. In the Priv Seperation Mode or not, the public Key Authentication is throughly broken on all 3 versions of Keys,

Hello, I have recently compiled and installed release 3.8.1p1. This was done on a Solaris 8 system using LDAP as its naming service. The new release, however, will not let me log in (as a regular user). I repeatedly get "Permission denied, please try again" messages. The root user, though, can log in okay. The same thing happened with the 3.7.1p2 release. The 3.6.1p1 release

Hi all. I've looked at the archives and it seems to be quiet regarding this supposed "0-day" openssh vulnerability and I'm wondering if anyone here may have some insight or further information regarding it. We've been monitoring things and the amount of speculative info flying around is incredible. Some claim it's the CPNI-957037 issue, thus affecting <5.2, others

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ________________________________________________________________________ Linux-Mandrake Security Update Advisory ________________________________________________________________________ Package name: dump Date: July 11th, 2000 Advisory ID: MDKSA-2000:018 Affected versions: 6.0, 6.1, 7.0, 7.1

Hi folks. We were made aware of a MITRE CVE assignment on OpenSSH for a remote DoS in sftp, described as: The (1) remote_glob function in sftp-glob.c and the (2) process_put function in sftp.c in OpenSSH 5.8 and earlier, as used in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, OpenBSD 4.7, and other products, allow remote authenticated users to cause a denial of service (CPU and memory consumption) via