search for: vulnerabilit

Displaying 9 results from an estimated 9 matches for "vulnerabilit".

1999 Jun 09
3
Port 7 scan
Over the last several days, we've been getting pretty regular scans from a non-existent host on our port 7. Any idea what they are looking for/what are some of the vulnerabilities with echo? Thanks Coral Cook
2006 Jul 28
2
Ruby vulnerability?
Hi, FYI, Red Hat released an advisory today about a vulnerability in Ruby. So far it doesn't appear in the VuXML, but am I correct in presuming it will soon? https://rhn.redhat.com/errata/RHSA-2006-0604.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3694 cheers, -- Joel Hatton -- Infrastructure Manager | Hotline: +61 7 3365 4417 A...
2009 Jan 22
3
disable rquotad and pop
Hi all, I am trying to find out how to disable rquotad and pop (port 443). For rquotad, /etc/sysconfig/nfs has it quoted out, but yet it is running? How do I disable it? Also, what about pop? Jerry
1996 Dec 06
0
phf & Bash exploit
...ably fairly well known, I found it by accident while reading about the 0xFF command separator in older versions of the bash shell. The newer phf cgi that comes with some versions of Picasso and Rembrandt has been patched for the obvious 0x0A newline escape, but can still be escaped using 0xFF. It takes vulnerabilities in both phf and bash for it to work. I have tested this very successfully on many Linux machines. I would imagine that most people are aware of the 0x0A escape and so when they test it on their own box they think they are safe from phf exploitation. The syntax for the exploit is almost identica...
2004 Mar 02
1
Re: FreeBSD Security Advisory FreeBSD-SA-04:04.tcp
...1.73.2.31.2.1 > src/sys/netinet/tcp_var.h 1.56.2.13.2.1 > - ------------------------------------------------------------------------ - > > VII. References > > <URL:http://www.idefense.com/application/poi/display?id=78&type=vulnerabilities> > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.2.4 > > iD8DBQFAROKHFdaIBMps37IRAu9EAJ9VY70IDYdjr6GkKJCJCGyvBV3OcQCeIXwL > UDTQ4rcO/SP2rFRZ0Mcj1iQ= > =Gkct > -----END PGP SIGNATURE----- > _______________________________________________ > freebsd-security@freeb...
2010 Apr 01
4
POST-only logic in protect_from_forgery considered harmful?
Hi folks, I am just getting into rails again after a multi-year stint of mod_perl jobs, which might grant me some newbie-indemnity for the time being - but I've found an issue I think warrants discussion. As discussed here - http://api.rubyonrails.org/classes/ActionController/RequestForgeryProtection/ClassMethods.html - the CSRF protection feature does not kick in for GET requests. This
2004 Mar 29
1
cvs commit: ports/multimedia/xine Makefile
...es are not very severe. For example, this >>>issue has practically no impact on single user systems, and quite >>>possibly no impact on any FreeBSD user anywhere. Marking the port >>>FORBIDDEN in this case seems extreme. >> >>It's in the official FreeBSD vulnerability database. > > The vulnerability database is meant to be comprehensive and > informational. It is not a policy document. I guess it is supposed to be processed by automated tools? It needs a clearly defined policy, an informal document is useless for portaudit. >>>I'd pref...
2000 Jan 27
6
EGD requirement a show stopper for me
On Thu, Jan 13, 2000 at 17:34:10, Andre Lucas wrote: > Subject: /dev/urandom > On Thu, Jan 13, 2000 at 09:24:01AM -0700, SysProg - Nathan Paul Simons wrote: > > On Thu, 13 Jan 2000, Ben Taylor wrote: > > > > > On Thu, 13 Jan 2000, Max Shaposhnikov wrote: > > > > why ssh1.27 doesn't require /dev/urandom on solaris? > > > > i think the
1999 Jun 04
0
Forw: 2.2.x kernel vulnerability
...New packages that correct a vulnerability in the kernels that shipped with Red Hat Linux 6.0 are now available. When exploited this vulnerability allows remote users to crash machines running 2.2.x kernels. Thanks to Piotr Wilkin for reporting the problem and to Alan Cox for the fix. Red Hat Software recommends that all users with netw...