search for: vuls

Will there be a BIND patch available for this vulnerability, for CentOS 3.9? http://www.kb.cert.org/vuls/id/800113

Howdy, The string of notices on BugTraq about RSAref being vulnerable to overflows has me concerned. After trying to sort through all the messages, I can't figure out whether I need to update OpenSSL (a check of their website indicates no new patches), OpenSSH, both, or neither. I am aware there is no known exploit for it yet. I could be a bad boy and just run all

Hi all, I am having a problem getting my fucntion to work correctly. Here is my problem. I have three ages: Nage<-c(1,2,3) I have an weight matrix: Wt<-c( 0.04952867, 0.23808432, 0.34263880) I have an age schedule of maturity: Mat<-c(0,1,1) where 0 is not mature, and 1 is mature I have a vulnerability schedule: Vul<-c(0,1,1) I have an survivorship schedule:

Any information on when (or if) the following timestamp vulnerability will be fixed for 4.X? Any information would be appreciated. http://www.kb.cert.org/vuls/id/637934 Thanks. Richard Coleman rcoleman@criticalmagic.com

...ixed in the CVS repository. http://www.kame.net/dev/cvsweb2.cgi/kame/kame/sys/netinet6/ipcomp_input.c.diff?r1=1.36;r2=1.37 PROVIDED AND/OR DISCOVERED BY: US-CERT credits Shoichi Sakane. NetBSD credits the Coverity Prevent analysis tool. ORIGINAL ADVISORY: US-CERT VU#110947: http://www.kb.cert.org/vuls/id/110947

...{ 192.168.16.0/24; }; // Defined ACL End options { directory "/var/cache/bind"; version "0.0.7"; // If there is a firewall between you and nameservers you want // to talk to, you may need to fix the firewall to allow multiple // ports to talk. See http://www.kb.cert.org/vuls/id/800113 // If your ISP provided one or more IP addresses for stable // nameservers, you probably want to use them as forwarders. // Uncomment the following block, and insert the addresses replacing // the all-0's placeholder. forwarders { 208.67.222.222; 208.67.220.220; }; //======...

...ve/ The reality is that all of the CBC mode ciphers are vulnerable and this includes the old standby [3DES-CBC] and even, likely, [BLOWFISH-CBC]. We can look at the references provided by the Retina finding for a more detailed analysis. The first is the reference from CERT: http://www.kb.cert.org/vuls/id/958563 This clearly states that ALL CBC mode ciphers are vulnerable and that the only real mitigation is to use CTR mode, or other secure ciphers which do not use Cipher Block Chaining (like [ARCFOUR]). The last reference is from OpenSSH: http://openssh.org/txt/cbc.adv They basically suggest...

Is the splash screen RLE is standard 640x480x4 or a modified one because I can neither open the file in Photoshop CS2 (Windows under ext2fsd) or Gimp 2.2 (Linux 2.6.12.16ubuntu) and I am unable to decipher Perl scripts. Will syslinux support standard RLE?

Hi, We are using your product openssh 2.3.0p1 and we should upgrade to openssh 3.7.1p1 mainly for better SSH2 support but also for the bug reported on <http://www.kb.cert.org/vuls/id/333628> Is this problem located on the server side or on the client side, or both? Regards, Carin Andersson Software Developer Ericsson AB

...s for the MD5SUM method of hashing, so it is possible to modify a file and make it have the same MD5SUM as another file. See this link for details on Collision Attacks: http://en.wikipedia.org/wiki/Collision_attack Recommendation from the US-CERT concerning MD5SUM hashes: http://www.kb.cert.org/vuls/id/836068 Based on the above information, the CentOS team will be using sha256sum (sha-2) and not md5sum to generate future hashes for posting on our e-mail announcements to the CentOS Announce Mailing List. Thanks, Johnny Hughes The CentOS Project -------------- next part -------------- A non-t...

...s for the MD5SUM method of hashing, so it is possible to modify a file and make it have the same MD5SUM as another file. See this link for details on Collision Attacks: http://en.wikipedia.org/wiki/Collision_attack Recommendation from the US-CERT concerning MD5SUM hashes: http://www.kb.cert.org/vuls/id/836068 Based on the above information, the CentOS team will be using sha256sum (sha-2) and not md5sum to generate future hashes for posting on our e-mail announcements to the CentOS Announce Mailing List. Thanks, Johnny Hughes The CentOS Project -------------- next part -------------- A non-t...

Running Borderlands GOTY on Wine 1.3.35 with WINEPREFIX=win32 on amd64 with WINEDEBUG=warn+all produces the following error log: http://paste.ubuntu.com/779465/ (warning: 8 MB) A tl;dr of this is GPF followed by std::terminate->abort() due to pure virtual function call. What am I doing wrong, as a Gold rating on appdb implies that the game should be working? -- 001100 Andrey

Hello I'm a bit confused about the "tcp time stamp validation bug" mentioned in the http://www.kb.cert.org/vuls/id/637934 advisory. FreeBSD has fixed this issue in -current (2005-04-10) and in RELENG_5 (2005-04-19). Is this also already fixed in 5.4? The CVS ID for tcp_input.c does not look like this. But I'm not sure. Regards, Thomas

On May 19, 2005, at 5:53 AM, Christian Brueffer wrote: > Hi, > > fixes for the vulnerability described in http://www.kb.cert.org/ > vuls/id/637934 > were checked in to CURRENT and RELENG_5 by ps in April. > > http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/netinet/tcp_input.c > > Revisions 1.270 and 1.252.2.16 > > He didn't commit it to RELENG_5_4 for some reason, so 5.4 shipped with > it. > > My gues...

I have a few questions: 1) Is OpenSSH 2.9p2 (or any other version of OpenSSH) vulnerable to the same problem as SSH3.0.0? (described here: http://www.kb.cert.org/vuls/id/737451 ) 2) There is a "SECURID" patch in the contrib section since 2.5.2p2. I am using it, but applying this patch to each new version is growing more difficult as time goes on. Would you consider merging this function into the core of openssh? (with a configure flag and everything...

...ly. Alternatively, apply the appropriate source code patch(es) referenced in MITKRB5-SA-2004-002 and MITKRB5-SA-2004-003 and recompile. These vulnerabilities will be addressed in krb5-1.3.5. Appendix A. References * Vulnerability Note VU#795632 - <http://www.kb.cert.org/vuls/id/795632> * Vulnerability Note VU#866472 - <http://www.kb.cert.org/vuls/id/866472> * Vulnerability Note VU#350792 - <http://www.kb.cert.org/vuls/id/350792> * Vulnerability Note VU#550464 - <http://www.kb.cert.org/vuls/id/550464> * M...

.... References: CERT Advisory CA-99-13 Multiple Vulnerabilities in WU-FTPD http://www.cert.org AUSCERT Advisory AA-1999.01 ftp://www.auscert.org.au/security/advisory/AA-1999.01.wu-ftpd.mapping_chdir.vul AUSCERT Advisory AA-1999.02 ftp://www.auscert.org.au/security/advisory/AA-1999.02.multi.wu-ftpd.vuls Cristian -- ---------------------------------------------------------------------- Cristian Gafton -- gafton@redhat.com -- Red Hat, Inc. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ "How could this be a problem in a country where we have Intel and...

...nmp/files/patch-aclocal.m4 1.1 - ------------------------------------------------------------------------- VII. References <URL:http://www.cert.org/advisories/CA-2002-03.html> <URL:http://www.ee.oulu.fi/research/ouspg/protos/> <URL:http://www.kb.cert.org/vuls/id/107186> <URL:http://www.kb.cert.org/vuls/id/854306> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iQCUAwUBPGmij1UuHi5z0oilAQGFQgP4ku0xC5v8hKJBXYbiSXmwVDpHpV6WHIWP zuTSiyvKbUX7nKm6c9IMB+5ep2/SGdJXxWos+YZcncv8VgR5i47K1M1dYXwwniRg...

.... References: CERT Advisory CA-99-13 Multiple Vulnerabilities in WU-FTPD http://www.cert.org AUSCERT Advisory AA-1999.01 ftp://www.auscert.org.au/security/advisory/AA-1999.01.wu-ftpd.mapping_chdir.vul AUSCERT Advisory AA-1999.02 ftp://www.auscert.org.au/security/advisory/AA-1999.02.multi.wu-ftpd.vuls Cristian - -- - ---------------------------------------------------------------------- Cristian Gafton -- gafton@redhat.com -- Red Hat, Inc. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ "How could this be a problem in a country where we have Intel...

...med.conf"; And This is my /etc/bind/named.conf.options content: options { directory "/var/cache/bind"; // If there is a firewall between you and nameservers you want // to talk to, you may need to fix the firewall to allow multiple // ports to talk. See http://www.kb.cert.org/vuls/id/800113 // If your ISP provided one or more IP addresses for stable // nameservers, you probably want to use them as forwarders. // Uncomment the following block, and insert the addresses replacing // the all-0's placeholder. // forwarders { // 0.0.0.0; // }; //====================...