search for: vunerabilities

I made a list of /usr/bin scripts which allows /tmp races. Following ones creates /tmp/something.$$, then, with no permission/ownership checking, /tmp/something.$$.x (x may vary ;), or even performs suitable checks, but gives enough time to alter /tmp contents: glibcbug, bashbug, znew, mailstat, autoupdate, x11perfcomp, gccmakedep, pnmindex, xcopy, autoheader, cvsbug, rcs2log, updatedb, igawk,

CentOS-6.5 Apache httpd-2.2.15 We have a webdav folder accessible only by https. In conformance with the advisory we removed SSLv3 from the SSLProtocol directive of the Apache server on that webdav host, so that it now looks like this: SSLProtocol +TLSv1 Now I cannot connect to the webdav service from my gnome desktop. When I open the webdav folder I get a window with the following error

Hi, From v3.0.0 onwards the hash function implemented by Rsync was changed from MD4 to MD5 (http://rsync.samba.org/ftp/rsync/src/rsync-3.0.0-NEWS). My understanding is that MD5 is a more secure, slower version of MD4 but I am not convinced that the added security of MD5 would alone have merited the change from MD4 (particularly since MD4 is ~30% faster than MD5). I wonder if I am missing other

...Other infection symptoms include a ".w0rm0r/" subdir and suid root copy of /bin/sh named ".w0rm" in /tmp, and possibly a "w0rm::2666:777:ADM Inet w0rm:/:/bin/sh" entry in your passwd file. As far as I can tell, the worm is capable of detecting several well-known vunerabilities. The logs the Russian company sent us, and the logs that the worm itself kept, would seem to indicate it's scanning IMAP ports. It also seems to be scanning POP, rsh/rlogin, telnet and FTP ports, finger, gopher, etc... Once it's into your system, the worm presumably begins to scan and lo...

http://bugzilla.mindrot.org/show_bug.cgi?id=362 Summary: Loss of change password functionality Product: Portable OpenSSH Version: -current Platform: UltraSparc OS/Version: Solaris Status: NEW Severity: normal Priority: P2 Component: ssh AssignedTo: openssh-unix-dev at mindrot.org

from MD4 to MD5 (http://rsync.samba.org/ftp/rsync/src/rsync-3.0.0-NEWS). My understanding is that MD5 is a more secure, slower version of MD4 but I am not convinced that the added security of MD5 would alone have merited the change from MD4 (particularly since MD4 is ~30% faster than MD5). I wonder if I am missing other reasons which made the change necessary/desirable? I am looking at ways

On Wednesday 23 August 2006 07:25, wine-users-request@winehq.org wrote: > you can't double click an exe, you have > to run it with wine, ie "wine game.exe". there is a way to make it so that > you can double click exe files, but that way makes your system vulnerable > to windows virii, so you should really stick to the standard. On my Debian Sid system, I CAN double

Hi All, This is a general VPN question; PPTP VPNs seem to be very easy to set up with CentOS as the VPN server and the built-in windose client, but how do list members feel about the security vunerabilities reported with the MS implementation? Specifically the 6 problems reported here : http://www.schneier.com/pptp-faq.html or maybe im being paranoid? Would any of you roll this solution out using the MS client for business use? I generally dont trust anything MS does, especially when security is c...

Hi, First look this vulnerability issue: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3933 My application models: http://pastie.org/1709174 On my departments form, when user selects a health unit, I copy all health unit attributes including address and street. The parameters hash looks like this: http://pastie.org/1709217 But this was considered a vunerability issue, the

Typical "[symbolic|hard] link bug" is a vunerability, which allows user X to overwrite files owned by Y (with useless portion of junk) when Y launchs buggy program. But this trivial (and often ignored) attack method can be easily turned into a cute, powerful weapon. Here''s an example how to perform advanced exploitation of gcc symlink bug (I choosen that one, because this

Hi, This patch (against the current CVS tree) is intended to add secure configuration to icecast 'out of the box'. It adds two configuration directives, 'icecast_user' and 'chroot_dir'. These are intended to be used together to reduce the privileges icecast runs under to the minimum necessary. When this is enabled and run as root icecast will enter the specified chroot

I have a User and Topic model. A user subscribes to a topic, so there is a many-to-many relationship between User and Topic. So my User model object is using has_many_and_belongs_to :topics and vice versa. I want to find all the topics that a user has *not* subscribed to. This is what I''ve got: @user = User.find(params[:id]) @topics = Topic.find(:all, :conditions =>

...mes with FC2+/RHEL4. One of these days I'll break the client from the server portion in the SPEC file, and host my own APT/YUM repository so it will work with APT/YUM and not generate conflict. But until then, if anyone wants my version, let me know. I try to keep up with UW IMAP releases as vunerabilities are found. The SPEC file only needs to be modified slightly on each new version. -- Bryan J. Smith mailto:b.j.smith at ieee.org

Hello, I am working on a bounds checking gcc(based on Richard Jones work) with a low enough overhead that will make it acceptable in production code. And i obtained openssh-3.2.2p1 with the view of testing the effectiveness of my code detecting the recently reported vunerability,but my code fails on with an error report of a use of memcpy with overlapping source and destination regions. I have

Note: Joomla 1.0.4 Contains fixes for 6 Security Vunerabilities. -- Sem.

Hello All ! why freebd user can't member more than 15 group ? my system is FreeBSD 4.8-RC I need that scripts running from user "master" make some changes if files that owned by other users. Shurely i can set UID of master to "0" but this increace vunerability of system. in /etc/group I add user1:*:1001:master ... user15:*:1015:master --- all work Ok user master member

Here are my preliminary tests: 5.2.18 is vulnerable (stock Redhat 3.0.3) 5.3.12 does not appear vulnerable (stock Redhat 4.0, I think) Dave G. <daveg@escape.com> http://www.escape.com/~daveg

For those of you wanting to salvage your Cisco ATA-186 after inadvertent locking, or after recovering your devices from a vendor who has locked them, here is a rainy-day project for you: http://www.sst.com/downloads/datasheet/S71077.pdf The above document gives exact specifications on the 4mb flash EEPROM that stores all program and configuration data on the ATA-186 (aka Komodo.) If you

... By my mistake a 2.2.8a-1 running on RH8 was exposed to the Internet. It was cracked in a matter of hours. I noticed it because they've deleted my smbd. :-| I'm ready to reinstall the machine, if there are any logs that anybody is interested into please say it now.

From: Wade Maxfield <maxfield@ctelcom.net> > Many thanks to the moderator who pointed out errors and suggested the > correct information on this post. Over half the ideas are due to him. ;) > 1. Programs put data in local variables in functions. These variables > are on the computer stack. Feeding data to those variables (usually > string variables) causes the