similar to: Provably Fixing the SSH Binary Packet Protocol

OpenSSH Security Advisory: cbc.adv Regarding the "Plaintext Recovery Attack Against SSH" reported as CPNI-957037[1]: The OpenSSH team has been made aware of an attack against the SSH protocol version 2 by researchers at the University of London. Unfortunately, due to the report lacking any detailed technical description of the attack and CPNI's unwillingness to share necessary

OpenSSH Security Advisory: cbc.adv Regarding the "Plaintext Recovery Attack Against SSH" reported as CPNI-957037[1]: The OpenSSH team has been made aware of an attack against the SSH protocol version 2 by researchers at the University of London. Unfortunately, due to the report lacking any detailed technical description of the attack and CPNI's unwillingness to share necessary

I''m trying to do VM migration on XEN 3.0 and am getting the below mentioned error. Both the nodes have same OS installed. Both have AMD CPU''s. XM live migrate or XM migrate with VM powered off both ways I''m getting the error. /usr/lib64/xen/bin/xc_save 20 None 0 0 0 failed Any advice/suggestion on how to resolve this? Thanks Mihir

Hi, I want to generate sdome vectors with results from glm(), for later processing. How can I extract the t values and the associated p values? I suppose something starting with summary(g)$... Thanks iago --- Bellare semper illicitum est -.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.- r-help mailing list -- Read http://www.ci.tuwien.ac.at/~hornik/R/R-FAQ.html

This is the 1st revision of the Advisory. This document can be found at: http://www.openssh.com/txt/buffer.adv 1. Versions affected: All versions of OpenSSH's sshd prior to 3.7 contain a buffer management error. It is uncertain whether this error is potentially exploitable, however, we prefer to see bugs fixed proactively. 2. Solution: Upgrade to OpenSSH

Hi Gerhard, This is not exactly true. CTR modes have the length field encrypted. etm MAC modes and AES-GCM have the length field in cleartext. CBC is dangerous because the length field is encrypted with CBC. aes128-ctr + hmac-sha256 doesn't have any known vulnerability and encrypts the packet length, but uses the bad practice of e&m. chacha20-poly1305 encrypts both payload and packet

Here I would like to suggest a replacement for MAP_ANON on systems which do not have it, such as Solaris < 8. In "man mmap" of Solaris 8: When MAP_ANON is set in flags, and fd is set to -1, mmap() provides a direct path to return anonymous pages to the caller. This operation is equivalent to passing mmap() an open file descriptor on /dev/zero with

A colleague was having trouble running OpenSSH 3.3p on his server. He, like many of us, has been clobbered by the mighty security penis of Theo De Raadt into enabling "privsep". But on some Linux 2.2 kernels, this is broken. Apparantly, OpenSSH "portable" relies on non-POSIX compliant mmap() features. Making the mmap() call in monitor_mm.c look something like this:

Hello, Next weekend it's FOSDEM 2008 and Dag and i would like to propose to have a dinner Saturday evening in Leuven like quite some people did last year. This year we'll try to have a reservation :-) ?People willing to discuss/work on rpmrepo/centos/rpmforge during a nice meal should let me know as soon as possible so i can make the reservation at the restaurant! Lot's of info:

Hello, It would be nice if we could get a full list of packages which have a wrong sha1 checksum. I don't have the bandwidth for a full mirror of all of Dag's rpms and i also don't have shell access to such a mirror. So a small request for a mirror admin: The following checks the files repodata/*.xml.gz against the sha1 sums in repomd.xml and checks the RPMS/*.rpm files against

Hi! I use MS-Client for pre-Windows 95 computers to use shares on my Linux boxes, but also to serve their disks to everyone else. This used to work, but I gradually upgraded and problems arose. This afternoon, I wanted to use smbclient to access a share on the Dos-computer, it gave listings of what was there, but I couldnt retrieve any file. Mounting didn't work either, because I still had