search for: vulerability

Asterisk Project Security Advisory - AST-2017-007 Product Asterisk Summary Remote Crash Vulerability in res_pjsip Nature of Advisory Denial of Service Susceptibility Remote Unauthenticated Sessions Severity Moderate Exploits Known No...

Hi. I frequently convert date and time data to and from character representations. I'm frustrated with chron, because 'seconds' are required to create a time object (my input data never has seconds). More importantly, I cannot make chron print the format 12/30/2006 (which my output data requires). I really like the format flexibility of strftime() and strptime(), but of course

Hi I'd like to know if the present version of Bind in CentOS 6 (bind-9.8.2-0.47.rc1.el6_8.1.x86_64) is vulerable to CVE-2016-2776. According to https://www.isc.org/downloads/, version 9.8.x is End-of-Life (EOL) as of Sep 2014. Regards ian

Hi! Since linux-flashplugin7 r63 is vulnerable according to http://vuxml.FreeBSD.org/7c75d48c-429b-11db-afae-000c6ec775d9.html isn't www/linux-seamonkey vulerable, too (it seems to include 7 r25)? Bye Arne __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com

At 14:24 9/19/2004, JohnsoBS@vicksburg.navy.mil, wrote: >Personally, unless one has great need not to, I highly recommend upgrading >to samba3 to start with. The perfomance gains alone I found well worth it. >Plus if you plan to integrate into a network with 2k/XP/2K3, it will greatly >improve compatibility. OK. I tried to install samba 3.0.7,1. Got the same error:

Hi Timo, reading this http://www.kuketz-blog.de/perfect-forward-secrecy-mit-apple-mail/ it looks like DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA can be forced in use with apple mail ( if no ECDHE is possible ,by missing openssl 1.x etc, seems that apple mail tries ECDHE first if fails its going to use RSA-AES128-SHA ) force soltution as tried ssl_cipher_list =

Having a god-awful time installing Rails. I started with the instructions found on this page: http://articles.slicehost.com/2007/11/23/ubuntu-gutsy-mysql-and-ror I get the following error: vbfischer@ubuntu:~$ sudo gem install rails [sudo] password for vbfischer: Bulk updating Gem source index for: http://gems.rubyforge.org/ Updating metadata for 13 gems from http://gems.rubyonrails.org/

...tls". From [1] : """ Summary LDAP channel binding and LDAP signing provide ways to increase the security of network communications between an Active Directory Domain Services (AD DS) or an Active Directory Lightweight Directory Services (AD LDS) and its clients. There is a vulerability in the default configuration for Lightweight Directory Access Protocol (LDAP) channel binding and LDAP signing and may expose Active directory domain controllers to elevation of privilege vulnerabilities. Microsoft Security Advisory ADV190023 address the issue by recommending the administrato...

Hi, Recently some security issues with bind have come up. NetBSD patched it's version of 9.3.0: http://mail-index.netbsd.org/source-changes/2005/01/27/0009.html Is the version in RELENG_5 not affected? (ftp://ftp.isc.org/isc/bind/9.3.0/9.3.0-patch1) Bye, Mipam.

Hi, We are using CentOS 5.5 as a base OS for one of our products.The version of Glibc we are using was glibc-2.5-123.el5_11.1. We wanted to see whether this glibc is vulerable to CVE-2015-1781. I have gone through re-documentation & came across the following link https://access.redhat.com/security/cve/cve-2015-1781 In the link it is mentioned that, the CVE will not be fixed in Red-Hat 5

my ports database seems to have become broken. I'm running -stable, but haven't rebuilt the system in a year or so (I know, security vulerabilities, but the box has been shelved in this time). anyhow, at this point, I can't do even a make clean in ports, or build portupgrade. I fetched portupgrade with pkg_add hoping that running pkgdb -F would sort things out, but it errors with: **

...---------- All four of these are potentially remotely exploitable. 1. The client master key in SSL2 could be oversized and overrun a buffer. This vulnerability was also independently discovered by consultants at Neohapsis (http://www.neohapsis.com/) who have also demonstrated that the vulerability is exploitable. Exploit code is NOT available at this time. 2. The session ID supplied to a client in SSL3 could be oversized and overrun a buffer. 3. The master key supplied to an SSL3 server could be oversized and overrun a stack-based buffer. This issues only affects OpenSSL 0....

I am currently NOT using SSL on my Samba domain. While reading "Configuring_LDAP_over_SSL_(LDAPS)_on_a_Samba_AD_DC" and thinking about implementing. I'm having trouble "getting my head" around what certificates go where. Simply put, I am not clear as to generating certificates on the clients and then copy which files to to the server or vice versa? What happens when

Hi debug-info folks, Time for another update on the variable location "instruction referencing" implementation I've been doing, see this RFC [0, 1] for background. It's now at the point where I'd call it "done" (as far as software ever is), and so it's a good time to look at what results it produces. And here are the scores-on-the-doors using llvm-locstats, on

Awesome to read how it's coming along - I'm mostly aside from the debug location work, but had just one or two clarifying questions On Fri, Nov 6, 2020 at 10:27 AM Jeremy Morse <jeremy.morse.llvm at gmail.com> wrote: > > Hi debug-info folks, > > Time for another update on the variable location "instruction referencing" > implementation I've been doing,