search for: vunerable

I made a list of /usr/bin scripts which allows /tmp races. Following ones creates /tmp/something.$$, then, with no permission/ownership checking, /tmp/something.$$.x (x may vary ;), or even performs suitable checks, but gives enough time to alter /tmp contents: glibcbug, bashbug, znew, mailstat, autoupdate, x11perfcomp, gccmakedep, pnmindex, xcopy, autoheader, cvsbug, rcs2log, updatedb, igawk,

CentOS-6.5 Apache httpd-2.2.15 We have a webdav folder accessible only by https. In conformance with the advisory we removed SSLv3 from the SSLProtocol directive of the Apache server on that webdav host, so that it now looks like this: SSLProtocol +TLSv1 Now I cannot connect to the webdav service from my gnome desktop. When I open the webdav folder I get a window with the following error

Hi, From v3.0.0 onwards the hash function implemented by Rsync was changed from MD4 to MD5 (http://rsync.samba.org/ftp/rsync/src/rsync-3.0.0-NEWS). My understanding is that MD5 is a more secure, slower version of MD4 but I am not convinced that the added security of MD5 would alone have merited the change from MD4 (particularly since MD4 is ~30% faster than MD5). I wonder if I am missing other

...ogs the Russian company sent us, and the logs that the worm itself kept, would seem to indicate it's scanning IMAP ports. It also seems to be scanning POP, rsh/rlogin, telnet and FTP ports, finger, gopher, etc... Once it's into your system, the worm presumably begins to scan and look for vunerable machines again. How it picks the IP addresses to scan is not presently known to me. Presumably, the "gimmieip" binary takes care of that. Someone with more time can dissect it and post the results. Here is a file I found on the infected machine called "/tmp/outro" - it appear...

...vsep architecture which has been designed is not compatible with PAM, and is outside the scope of how PAM is normally used. ie: It breaks the PAM standard. An alternative is to upgrade to Solaris 9 which ships with SunSSH (a product based on OpenSSH which does not have privsep and by default is not vunerable to the security exploit which privsep resolves). Also, for your reference if there is any feature in OpenSSH 3.3 or newer which does not exist in SunSSH you can log a request for enhancement for the new feature to be included in future releases. Let me know if you require any further information/a...

...iscredited algorithm. See http://tools.ietf.org/html/draft-turner-md4-to-historic-00.</font> <br> <br><font size=2 face="sans-serif">Creating secure hashing functions is notoriously difficult. Several times algorithms previously thought secure have been shown to be vunerable to certain attacks. MD5 has also been discovered to be vunerable. See the article &quot;MD5 considered harmful today&quot; at http://www.win.tue.nl/hashclash/rogue-ca.</font> <br> <br><font size=2 face="sans-serif">So the question is, does rsync need a hash...

On Wednesday 23 August 2006 07:25, wine-users-request@winehq.org wrote: > you can't double click an exe, you have > to run it with wine, ie "wine game.exe". there is a way to make it so that > you can double click exe files, but that way makes your system vulnerable > to windows virii, so you should really stick to the standard. On my Debian Sid system, I CAN double

Hi All, This is a general VPN question; PPTP VPNs seem to be very easy to set up with CentOS as the VPN server and the built-in windose client, but how do list members feel about the security vunerabilities reported with the MS implementation? Specifically the 6 problems reported here : http://www.schneier.com/pptp-faq.html or maybe im being paranoid? Would any of you roll this solution out

Hi, First look this vulnerability issue: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3933 My application models: http://pastie.org/1709174 On my departments form, when user selects a health unit, I copy all health unit attributes including address and street. The parameters hash looks like this: http://pastie.org/1709217 But this was considered a vunerability issue, the

...g VIRUS, which infects every file which is beign compiled. How to protect yourself? In this case, it''s quite simple, this problem has been already discussed on BUGTRAQ. But that''s just an well-known example of ''not-so-interesting symlink bug''. Almost any symlink-vunerable program, which stores any data (even PIDs) in their temporary files, may be exploited in that way (eg. not so easy to fix gzexe problem). _______________________________________________________________________ Michał Zalewski [tel 9690] | finger 4 PGP [lcamtuf@boss.staszic.waw.pl] Iterować jest rz...

Hi, This patch (against the current CVS tree) is intended to add secure configuration to icecast 'out of the box'. It adds two configuration directives, 'icecast_user' and 'chroot_dir'. These are intended to be used together to reduce the privileges icecast runs under to the minimum necessary. When this is enabled and run as root icecast will enter the specified chroot

I have a User and Topic model. A user subscribes to a topic, so there is a many-to-many relationship between User and Topic. So my User model object is using has_many_and_belongs_to :topics and vice versa. I want to find all the topics that a user has *not* subscribed to. This is what I''ve got: @user = User.find(params[:id]) @topics = Topic.find(:all, :conditions =>

From: Matt Hyclak <hyclak at math.ohiou.edu> > Actually, the more direct replacement would be Dovecot. > Cyrus can be complicated to set up and get running. I actually modified the old UW IMAP 2002 SPEC file from RHL9/FC1, and modified a few config files, to support UW IMAP 2004b. I made one with both RFC3501 (no text passwords over SSL) and non-RFC3501 (legacy, text passwords

Hello, I am working on a bounds checking gcc(based on Richard Jones work) with a low enough overhead that will make it acceptable in production code. And i obtained openssh-3.2.2p1 with the view of testing the effectiveness of my code detecting the recently reported vunerability,but my code fails on with an error report of a use of memcpy with overlapping source and destination regions. I have

Note: Joomla 1.0.4 Contains fixes for 6 Security Vunerabilities. -- Sem.

Hello All ! why freebd user can't member more than 15 group ? my system is FreeBSD 4.8-RC I need that scripts running from user "master" make some changes if files that owned by other users. Shurely i can set UID of master to "0" but this increace vunerability of system. in /etc/group I add user1:*:1001:master ... user15:*:1015:master --- all work Ok user master member

Here are my preliminary tests: 5.2.18 is vulnerable (stock Redhat 3.0.3) 5.3.12 does not appear vulnerable (stock Redhat 4.0, I think) Dave G. <daveg@escape.com> http://www.escape.com/~daveg

For those of you wanting to salvage your Cisco ATA-186 after inadvertent locking, or after recovering your devices from a vendor who has locked them, here is a rainy-day project for you: http://www.sst.com/downloads/datasheet/S71077.pdf The above document gives exact specifications on the 4mb flash EEPROM that stores all program and configuration data on the ATA-186 (aka Komodo.) If you

... By my mistake a 2.2.8a-1 running on RH8 was exposed to the Internet. It was cracked in a matter of hours. I noticed it because they've deleted my smbd. :-| I'm ready to reinstall the machine, if there are any logs that anybody is interested into please say it now.

...py or send a > file to the wrong location. A race condition is called that due to the > winner being the first one to win the "race." Basically, if your program > checks permissions and then decides to do something with the information > it gathered, then does it, it will be vunerable to a race. A fairly crude way of checking for this is at http://www.notatla.demon.co.uk/SOFTWARE/SCANNER/scanner-1.0b.tar.gz Better to think about how you write the code though. > To handle this, you must put in a lot of thought. Generally, a file > operation is a serial resource that is...