search for: verio

...4.68.9) 46.591 ms 47.718 ms 46.068 ms 5 tier1-1.LDN2.psie.net (154.14.65.2) 94.964 ms 93.940 ms 119.750 ms 6 msc-1.LDN5.psie.net (154.14.66.26) 143.557 ms 93.683 ms 99.242 ms 7 core2-8.msc-1.ldn4.psie.net (154.32.2.8) 93.804 ms 110.778 ms 92.980 ms 8 ge-1.linx.londen02.uk.bb.verio.net (195.66.226.138) 146.502 ms 153.991 ms 154.381 ms 9 p4-1-0-0.r80.nycmny01.us.bb.verio.net (129.250.4.181) 121.038 ms 122.658 ms 120.809 ms 10 p16-0-1-3.r21.nycmny01.us.bb.verio.net (129.250.2.170) 125.131 ms 120.853 ms 122.905 ms 11 p16-5-0-0.r02.asbnva01.us.bb.verio.net (129.250....

...patches: buffer46.patch -- For FreeBSD 4.6-RELEASE and later buffer45.patch -- For FreeBSD 4.5-RELEASE and earlier Currently, I don't believe that this bug is actually exploitable for code execution on FreeBSD, but I reserve the right to be wrong :-) Cheers, -- Jacques Vidrine . NTT/Verio SME . FreeBSD UNIX . Heimdal nectar@celabo.org . jvidrine@verio.net . nectar@freebsd.org . nectar@kth.se -------------- next part -------------- Index: crypto/openssh/buffer.c =================================================================== RCS file: /home/ncvs/src/crypto/openssh/buff...

What does mean this bizarre msgid? maillog: Mar 31 19:31:15 cu sm-mta[5352]: h2VFVEGS005352: from=<nb@sindbad.ru>, size=1737, class=0, nrcpts=1, msgid=<!~!UENERkVCMDkAAQACAAAAAAAAAAAAAAAAABgAAAAAAAAAfp4Fa2ShPE2u4pP/QpPDIMKAAAAQAAAAj+zb4Isbuk+tYEPVF9Vf, proto=ESMTP, daemon=MTA, relay=wg.pu.ru [193.124.85.219] -- Nikolaj I. Potanin, SA http://www.drweb.ru ID

In FreeBSD 5.x only telnet/telnetd works 'out of box' with kerberos. Why ftp/ftpd, ssh/sshd and cvs do not support kerberos ? Thanks!

My understanding was that at the beginning of each run the puppetmaster imports all modules so that any includes at the top level are applied directly. However, I am not so sure anymore. I''ve been tracing how this works and it seems like modules are included more lazily. In other words, when able_to_import is called seems like when the magic happens, rather than up front when the run

This affects only 3.7p1 and 3.7.1p1. The advice to leave PAM disabled is far from heartening, nor is the semi-lame blaming the PAM spec for implementation bugs. I happen to like OPIE for remote access. Subject: Portable OpenSSH Security Advisory: sshpam.adv This document can be found at: http://www.openssh.com/txt/sshpam.adv 1. Versions affected: Portable OpenSSH versions 3.7p1

...nd -STABLE over the next couple of days, and included in 4.9-RELEASE. Fixes for the security branches will be backported and incorporated over the next week. Don't expect to see a security advisory until most or all of the commits have been made. Cheers, -- Jacques Vidrine . NTT/Verio SME . FreeBSD UNIX . Heimdal nectar@celabo.org . jvidrine@verio.net . nectar@freebsd.org . nectar@kth.se

Hi Jacques, list, On Mon, Aug 11, 2003 at 09:09:18AM +0100, Bruce M Simpson wrote: > cc -c -O -pipe -Wall -Wredundant-decls -Wnested-externs -Wstrict-prototypes -Wmissing-prototypes -Wpointer-arith -Winline -Wcast-qual -fformat-extensions -ansi -g -nostdinc -I- -I. -I/usr/src/sys -I/usr/src/sys/../include -I/usr/src/sys/contrib/ipfilter -D_KERNEL -include opt_global.h -elf

...ly dealt with until tomorrow or even Saturday. The official fixed version, OpenSSL 0.9.7c, was imported into -CURRENT yesterday, and will be MFC'd to -STABLE today, but it will be a bit longer to backport fixes for the security branches. Cheers, -- Jacques Vidrine . NTT/Verio SME . FreeBSD UNIX . Heimdal nectar@celabo.org . jvidrine@verio.net . nectar@freebsd.org . nectar@kth.se

...iff?r1=1.1.1.17&r2=1.1.1.18 Download the patch and: # cd /usr/src # patch -p1 < /path/to/patch # cd /usr/src/usr.sbin/sendmail # make obj && make depend && make && make install Official advisory will go out later today. Cheers, -- Jacques Vidrine . NTT/Verio SME . FreeBSD UNIX . Heimdal nectar@celabo.org . jvidrine@verio.net . nectar@freebsd.org . nectar@kth.se

...iff?r1=1.1.1.17&r2=1.1.1.18 Download the patch and: # cd /usr/src # patch -p1 < /path/to/patch # cd /usr/src/usr.sbin/sendmail # make obj && make depend && make && make install Official advisory will go out later today. Cheers, -- Jacques Vidrine . NTT/Verio SME . FreeBSD UNIX . Heimdal nectar@celabo.org . jvidrine@verio.net . nectar@freebsd.org . nectar@kth.se

It seems (at least for me) the patches on ftp.freebsd.org are out of date for the 03:12 security advisory (openssh). ftp2.freebsd.org has them fine. I'm wondering if this is a mirror issue or perhaps round-robin DNS problem? What compounds the issue is that right now the old openssh 3.7 patches are there (on ftp.freebsd.org), but not the 3.7.1 patches (which can be found on

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-03:08.realpath Security Advisory The FreeBSD Project Topic: Single byte buffer overflow in realpath(3) Category: core Module: libc Announced:

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-03:18.openssl Security Advisory The FreeBSD Project Topic: OpenSSL vulnerabilities in ASN.1 parsing Category: crypto Module: openssl Announced:

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-03:07.sendmail Security Advisory The FreeBSD Project Topic: a second sendmail header parsing buffer overflow Category: contrib Module:

In regards to FreeBSD-SA-03:05.xdr, does anyone know which static binaries or tools under /bin or /sbin actually use that problem code? The recent XDR fixes the xdrmem_getlong_aligned(), xdrmem_putlong_aligned(), xdrmem_getlong_unaligned(), xdrmem_putlong_unaligned(), xdrmem_getbytes(), and/or xdrmem_putbytes() functions, but it is difficult to know what uses these (going backwards manually).

Can anyone with Heimdal KrbV verify this? -------------- next part -------------- An embedded message was scrubbed... From: Dag-Erling Smorgrav <des at ofug.org> Subject: Kerberos buglet in OpenSSH-3.3p1 Date: 25 Jun 2002 14:52:10 +0200 Size: 1291 Url: http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20020626/347e123e/attachment.mht

Hi, I understand that Simon may be discontinuing his OpenSSH work. Does anyone know if someone plans to maintain the patch? Thank you, -- ******************************************************* Quellyn L. Snead UNIX Effort Team ( unixeffort at lanl.gov ) CCN-2 Enterprise Software Management Team Los Alamos National Laboratory (505) 667-4185 Schedule B

>> They have refused to give us real details. > > Theo, in one of several replies, indicated that I should provide the > details to Ted Unangst (tedu@). I contacted Ted and provided him with > the details; he agreed with me about how and when it should be handled > by OpenBSD. > I've mailed with Theo and his main problem is that they (as the OpenBSD developers) did

...me to get a pop-up description of the CVE as provided by MITRE. - Each CVE name referenced in VuXML now has its own index page, e.g. cveitem-2004-1308.html and cveitem-2000-0442.html. Those pages contents are generated directly from MITRE's CVE list. Cheers, -- Jacques A Vidrine / NTT/Verio nectar@celabo.org / jvidrine@verio.net / nectar@FreeBSD.org