search for: yuriev

...id,noexec,nodev) /opt (nosuid,nodev,ro) /services (nosuid,noexec,nodev) /home (nosuid,nodev) Alex ------- Forwarded Message Return-Path: owner-bugtraq@netspace.org Reply-To: C0WZ1LL4@netspace.org Sender: Bugtraq List <BUGTRAQ@netspace.org> From: C0WZ1LL4@netspace.org Approved: alex@yuriev.com To: BUGTRAQ@netspace.org Hello fellow mongoloids Try this: Make hard link of /etc/passwd to /var/tmp/dead.letter Telnet to port 25, send mail from some bad email address to some unreacheable hoost. Watch your message get appended to passwd. ie: cowzilla::0:0:c0wz1ll4 0wns u:/:/bin/sh This is...

...derful things. Links to archives of this list as well as information about LSF updates is available under http://www.aoy.com/Linux/Security/ [Moderator''s hat off] Best wishes, Alex ----------------------------------------------------------------------------- Alex "Mr. Worf" Yuriev Nationwide ISP Bandwidth: [www.netaxs.net ] Net Access Outsourced News Reading: [www.newsread.com ] alex@{netaxs.com|yuriev.com} Outsourced Shell Accounts: [shellaccounts.com] RIP is irrelevant. Spoofing is futile. Your routes will be aggregated. --------------...

...semble packet from fragments first and only after that apply firewalling rulesets. Unless you have a really good reason not to do this ( and I am yet to hear one ), it should be set t yes. Alex ----------------------------------------------------------------------------- Alex "Mr. Worf" Yuriev Nationwide ISP Bandwidth: [www.netaxs.net ] Net Access Outsourced News Reading: [www.newsread.com ] alex@{netaxs.com|yuriev.com} Outsourced Shell Accounts: [shellaccounts.com] RIP is irrelevant. Spoofing is futile. Your routes will be aggregated. --------------...

-----BEGIN PGP SIGNED MESSAGE----- As I am sure you noticed from my messages to linux-{security|alert}, I have changed my primary email address from alex@bach.cis.temple.edu to alex@yuriev.com. Linux Security WWW will be moved from bach.cis.temple.edu in the nearest future and while I will continue to mirror pages to make them accessible at http://bach.cis.temple.edu/linux/linux-security/, please start using the master URL ( which probably will be on one of a systems at my apartment...

...39;'t ever do anything that you can''t later justify with "It seemed like a good idea at the time." -- Greg''s Bible From mail@mail.redhat.com Apr 02:04:14 1998 (EDT) -0400 Received: (qmail 12662 invoked from network); 14 Apr 1998 06:03:36 -0000 Received: from ding.yuriev.com (HELO ding.mailhub.com) (207.106.66.2) by mail2.redhat.com with SMTP; 14 Apr 1998 06:03:36 -0000 Received: (from alex@localhost) by ding.mailhub.com (8.8.7/8.8.5) id CAA10819; Tue, 14 Apr 1998 02:04:14 -0400 (EDT) Received: from mail2.redhat.com (mail2.redhat.com [199.183.24.247]) by ding....

-----BEGIN PGP SIGNED MESSAGE----- Buffer overflow in the resource handling code of the libXt (X11R6) Thu May 29, 1997 Distribution of this document is unlimited Copyright (C) Alexander O. Yuriev (alex@yuriev.com) Net Access Abstract A buffer overflow was found in the resource handling section of the X11 system (libXt). As this is a problem with libXt iself, every program using libXt is affected, including core programs such as xterm and...

Hello, I just made available a beta version of a port scan detector that I''ve been working on. The program, called Abacus Sentry, is a port scan/probe detector that offers what I think are a number of unique and useful features: - Runs on TCP or UDP sockets. Configurable by the user to bind to multiples of sockets for increased detection coverage. - Adjustable scan detection value with

...an idiot for posting this, but it should still not be possible to open up a system to remote root access simply by installing a standard RPM. -- Dan From mail@mail.redhat.com May 14:14:44 1998 (EDT) -0400 Received: (qmail 6450 invoked from network); 10 May 1998 18:13:41 -0000 Received: from ding.yuriev.com (HELO ding.mailhub.com) (207.106.66.2) by mail2.redhat.com with SMTP; 10 May 1998 18:13:41 -0000 Received: (from alex@localhost) by ding.mailhub.com (8.8.7/8.8.5) id OAA19497; Sun, 10 May 1998 14:14:44 -0400 (EDT) Received: from mail2.redhat.com (mail2.redhat.com [199.183.24.247]) by ding....

-----BEGIN PGP SIGNED MESSAGE----- $Id: lpr-vulnerability-0.6-linux,v 1.1 1996/11/22 21:42:46 alex Exp $ Linux Security FAQ Update lpr Vulnerability Thu Nov 21 22:24:12 EST 1996 Copyright (C) 1995,1996 Alexander O. Yuriev (alex@bach.cis.temple.edu) CIS Laboratories TEMPLE UNIVERSITY U.S.A. ============================================================================= This is an official Update of the Linux Security FAQ, a...

[Mod: forwarded from BUGTRAQ -- alex] ---------- Forwarded message ---------- Date: Sun, 6 Jun 1999 19:15:05 +0000 From: noc-wage <wage@IDIRECT.CA> To: BUGTRAQ@NETSPACE.ORG Subject: RedHat 6.0, /dev/pts permissions bug when using xterm Once again I''ve come up with another trivial Denial of Service flaw, (wow, I seem to be good at this Conseal Firewall, +++ath0, ppp byte-stuffing)

Alexander O. Yuriev wrote: > > Your message dated: Wed, 20 Nov 1996 18:04:39 EST > > >has anyone played with the securelevel variable in the kernel and the > > >immutable flags in the ext2 file system? > > > > Yes, and its actualy quite nice. > > > > >The sysctrl...

...RG Message-ID: <199705240145.WAA11413@morcego.linkway.com.br> Date: Fri, 23 May 1997 22:45:04 -0300 Reply-To: Rodrigo Barbosa <rodrigob@MORCEGO.LINKWAY.COM.BR> Sender: Bugtraq List <BUGTRAQ@NETSPACE.ORG> From: Rodrigo Barbosa <rodrigob@MORCEGO.LINKWAY.COM.BR> Approved: alex@yuriev.com Subject: cfingerd vulnerability To: BUGTRAQ@NETSPACE.ORG Hello, i don''t know if it has been noticed before, but cfingerd installs, by default, a search service. You can use it as: finger search.username@host Thats ok, but you can use keymasks. And if you do: finger sea...

...s that return "host unknown" and similiar will be placed into removal queue for 1 week from which they would be removed upon successful delivery. Otherwise, if after 1 week the error does not go away, the address will be unsubscribed. Please send your comments about this proposal to alex@yuriev.com Best wishes, Alex

[Mod: redirected to linux-security --alex] On Mon, 24 Mar 1997, Alexander O. Yuriev wrote: >This is yet-another reason to _partition_ your disks. Of course hard links >do not work accross filesystems. Even thought it is a pain in the neck to do >when installing your operating system, think about separating critical >system files from non-critical and non-system files f...

...o copies of linux-alert postings in the future then it''s quite likely because you were subscribed to both linux-alert and linux-alert-digest with slightly different e-mail addresses. You should probably unsubscribe one of the two addresses if the duplicate messages annoy you. Also: Alex Yuriev <alex@bach.cis.temple.edu> has now officially replaced me as Rogier Wolff''s co-moderator for both linux-security and linux-alert. As many of you no doubt know, Alex has been very active on the Linux security lists since their creation. He has also been the author of the numerous &q...

Hi, Recently once again an exploit for SuperProbe was posted to the bugtraq. That message was forwarded to linux-security and Rogier Wolff rejected it on the basis of the author of the SuperProbe (David Wexelblatt) comment that it was never intended to be suid. In general, there is absolutely no reason for programs that are supposed to be run only by root to be suid to root! If your

-----BEGIN PGP SIGNED MESSAGE----- $Id: lpr-vulnerability-0.6-linux,v 1.2 1996/11/25 22:39:20 alex Exp $ Linux Security FAQ Update lpr Vulnerability Mon Nov 25 16:56:59 EST 1996 Copyright (C) 1995,1996 Alexander O. Yuriev (alex@bach.cis.temple.edu) CIS Laboratories TEMPLE UNIVERSITY U.S.A. ============================================================================= This is an official Update of the Linux Security FAQ, a...

In message <199709161652.MAA31468@ding.mailhub.com>, "Alexander O. Yuriev" writ es: > > [Mod: This message is a reason *why* linux-security is moderated list. This > is also a reason why Rogier, myself, Alan Cox and others really do not want > to have completely open lists that deal with security related aspects of > running a system as way too many p...

...for <linux-security@redhat.com>; Mon, 7 Jun 1999 15:43:12 -0400 Received: (qmail 9480 invoked by uid 500); 7 Jun 1999 19:32:17 -0000 Received: from localhost (sendmail-bs@127.0.0.1) by localhost with SMTP; 7 Jun 1999 19:32:17 -0000 Date: Mon, 7 Jun 1999 15:32:17 -0400 (EDT) From: <alex@yuriev.com> X-Sender: alex@cathy.uuworld.com To: linux-security@redhat.com Subject: RedHat 6.0, /dev/pts permissions bug when using xterm (fwd) Message-ID: <Pine.LNX.3.96.990607153153.9294D-100000@cathy.uuworld.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-moderate: yes [M...

Hi all, below a configuration for udev/initramfs which I propose to scan the block devices looking for a multi-volume btrfs filesystem. Btrfs has the capability to span a file-system on multiple device. In order to do that, the involved devices have to be "registered" in the kernel. In order to do that there are two options: # btrfs device scan <device> (or the old