Displaying 20 results from an estimated 20000 matches similar to: "3.6.1p2 plus buffer overflow vulnerabilities patch, sufficient?"
2008 Jul 24
1
The specified network name is no longer available
Hello Samba people,
I have been successfully using Samba for several years, across many
minor versions of Samba across many minor versions of Linux kernel 2.4.x
and 2.6.x, against a Windows 2000 and then in the past couple of years
2003 AD Domain. This morning, something broke...
Setting the stage:
RedHat Fedora based Linux box, FC8, updated over time using 'yum
update'...,
2001 Aug 09
0
[RHSA-2001:099-06] New telnet packages available to fix buffer overflow vulnerabilities
---------------------------------------------------------------------
Red Hat, Inc. Red Hat Security Advisory
Synopsis: New telnet packages available to fix buffer overflow vulnerabilities
Advisory ID: RHSA-2001:099-06
Issue date: 2001-08-02
Updated on: 2001-08-09
Product: Red Hat Linux
Keywords: telnet buffer overflow
Cross
2012 Jul 17
0
Buffer Overflow Vulnerability Study at Auburn University
Dear Sir/Madam,
We are two graduate students from Auburn University, working with Professor Munawar Hafiz. We are working on an empirical study project to understand the software engineering practices that go in companies that produce secure software; in particular, we are concentrating on how developers write code to prevent buffer overflow and integer overflow vulnerabilities. We are interested
2003 Apr 08
2
OpenSSH 3.6.1p1 on NCR MP-RAS v4.3, several weird terminal problems
I compiled OpenSSH 3.6.1p1 on NCR MP-RAS v4.3 (or at least
"uname -a"'s output of 4.0.3.0 suggests v4.3, I'm not positive).
I was able to compile zlib (1.1.4) and openssl (0.9.7a) with little
trouble.
OpenSSH took hand-hacking the includes.h file as follows:
diff -cr openssh-3.6.1p1/includes.h openssh-3.6.1p1-customized/includes.h
*** openssh-3.6.1p1/includes.h Sun Oct 20
2004 Aug 01
1
SSH login attempts: tcpdump packet capture
I got a packet capture of one of the SSH2 sessions trying to log in as a
couple of illegal usernames. The contents of one packet suggests an
attempt to buffer overflow the SSH server; ethereal's SSH decoding says
"overly large value".
It didn't seem to work against my system (I see no strange processes
running; all files changed in past ten days look normal).
I am
2007 Apr 17
0
VuXML entry for CVE-2007-1870: ClamAV CAB File Unstore Buffer Overflow
Good day.
Spotted the CVE-2007-1870: the clamav 0.90.2 is already in the ports,
but no sign of the issue in the VuXML. The entry is attached. One
thing that is a bit strange is that the ChangeLog for the ClamAV
(http://svn.clamav.net/svn/clamav-devel/trunk/ChangeLog) says about
CVE-2007-1997 as the libclamav/cab.c log entry, but I think they are
messed the numbers -- there is no such CVE, at
2007 Aug 03
0
"Asterisk can be attacked using buffer overflow."
Forbes.com - Magazine Article
<http://www.forbes.com/technology/2007/08/02/voip-security-flaws-tech-internet-cx_ag_0802techvoip.html>
LAS VEGAS - Internet Security VoIP Vandals
Andy Greenberg, 08.02.07, 12:32 AM ET
Internet telephone services like Skype and Vonage are
starting to look less like digital gimmicks and more
like the next generation of voice communication.
They're cheaper
2007 Dec 24
0
is there a known exploit of Samba "reply_netbios_packet()" Buffer Overflow Vulnerability please ?
Hi,
We're running samba 3.0.25a as a PDC on FreeBSD 6.1 in our office and
few weeks ago, our samba PDC (and soon all the service hosted on this
server) stop responding suddenly :-/
Everything went back to normal as soon as we disconnected from the
network, all the hosts that were in the same room as the 10.0.0.20
host (after asking the domain user connected at that moment to this
host, do
2003 Apr 07
0
Fwd: [VulnWatch] [DDI-1013] Buffer Overflow in Samba allows remote root compromise
FYI
>Mailing-List: contact vulnwatch-help@vulnwatch.org; run by ezmlm
>List-Post: <mailto:vulnwatch@vulnwatch.org>
>List-Help: <mailto:vulnwatch-help@vulnwatch.org>
>List-Unsubscribe: <mailto:vulnwatch-unsubscribe@vulnwatch.org>
>List-Subscribe: <mailto:vulnwatch-subscribe@vulnwatch.org>
>Delivered-To: mailing list vulnwatch@vulnwatch.org
2003 Sep 23
3
OpenSSH: multiple vulnerabilities in the new PAM code
This affects only 3.7p1 and 3.7.1p1. The advice to leave
PAM disabled is far from heartening, nor is the semi-lame
blaming the PAM spec for implementation bugs.
I happen to like OPIE for remote access.
Subject: Portable OpenSSH Security Advisory: sshpam.adv
This document can be found at: http://www.openssh.com/txt/sshpam.adv
1. Versions affected:
Portable OpenSSH versions 3.7p1
2004 Dec 17
2
Time to add exponential backoff for SSH interactive login failures?
I'm accustomed to systems where even the first failed login attempt
incurs a 5 second delay. I don't think that's too harsh, but everyone
has their own needs and considerations. This could be made
configurable.
-Jay
-----Original Message-----
From: Rick Jones [mailto:rick.jones2 at hp.com]
Sent: Wednesday, December 15, 2004 8:09 PM
To: Jay Libove
Cc: openssh-unix-dev at
2004 Feb 23
2
PKI and SSH
Due to unpleasant (but arguably valid) policy changes at work, any SSH
server within the work firewall must accept only PKI authentication.
Unless we can convince the higher-ups otherwise, we will also have to
use the commercial SSH server within the firewall. Of course, I should
be able to use whatever client I like. Unfortunately, it is not clear
that I can get OpenSSH to use PKI authentication.
2008 Jun 11
0
X.Org security advisory june 2008 - Multiple vulnerabilities in X server extensions
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
X.Org security advisory, June 11th, 2008
Multiple vulnerabilities in X server extensions
CVE IDs: CVE-2008-1377, CVE-2008-1379, CVE-2008-2360, CVE-2008-2361,
~ CVE-2008-2362
Overview
Several vulnerabilities have been found in the server-side code
of some extensions in the X Window System. Improper validation of
client-provided data can
1999 Nov 11
0
CERT Advisory CA-99.14 - Multiple Vulnerabilities in BIND (fwd)
For those who are unaware...
[mod: This whole bind affair has gone a bit out of hand. Elias from
Bugtraq found "public" info indicating the problem. ISC/CERT were
working on releasing the bugfix together with the fix. Now everybody
is scurrying to get fixes out now that "the public" knows about this.
As far as I know, Red Hat (& Caldera) made a new RPM, based on the
most
1997 Oct 21
0
SNI-19: BSD lpd vulnerabilities (UPDATE)
-----BEGIN PGP SIGNED MESSAGE-----
##### ## ## ######
## ### ## ##
##### ## # ## ##
## ## ### ##
##### . ## ## . ###### .
Secure Networks Inc.
Security Advisory
2000 Jul 03
0
[RHSA-2000:016-03] Multiple local imwheel vulnerabilities
---------------------------------------------------------------------
Red Hat, Inc. Security Advisory
Synopsis: Multiple local imwheel vulnerabilities
Advisory ID: RHSA-2000:016-03
Issue date: 2000-04-20
Updated on: 2000-07-03
Product: Red Hat Powertools
Keywords: imwheel buffer imwheel-solo
Cross references: N/A
2007 Oct 18
2
www/drupal4 and www/drupal5: Multiple security vulnerabilities
The Drupal project announced several security vulnerabilities for the
4.7.x and 5.x releases of the Drupal package. These effect two current
ports: www/drupal4 and www/drupal5.
The following are the security advisories that were posted:
4.7.x:
* DRUPAL-SA-2007-024: http://drupal.org/node/184315
* DRUPAL-SA-2007-026: http://drupal.org/node/184320
* DRUPAL-SA-2007-030:
2008 Mar 18
0
[gentoo-announce] [ GLSA 200803-25 ] Dovecot: Multiple vulnerabilities
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200803-25
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: Dovecot:
2004 May 27
2
LHA security vulnerabilities
Dear sir;
i am using redhat 9 on a production server and i plan to migrate to centos
3.1.
the issue now is redhat 9 vulnerable to LHA package security vulnerabilities
.
and if so how can i solve this vulnerabilities till i implemment the
upgrade.
thanks in advance.
1997 Oct 02
2
SNI-19:BSD lpd vulnerabilities
-----BEGIN PGP SIGNED MESSAGE-----
##### ## ## ######
## ### ## ##
##### ## # ## ##
## ## ### ##
##### . ## ## . ###### .
Secure Networks Inc.
Security Advisory