Displaying 20 results from an estimated 20000 matches similar to: "Is there any impact?"
2006 Jun 26
2
[Bug 1201] Bind address information is not specified in command line help messages
http://bugzilla.mindrot.org/show_bug.cgi?id=1201
Summary: Bind address information is not specified in command
line help messages
Product: Portable OpenSSH
Version: 4.3p2
Platform: Other
OS/Version: All
Status: NEW
Severity: normal
Priority: P2
Component: ssh
AssignedTo:
2006 Feb 04
1
getnameinfo() call and fake-rfc2553.c
Hello All,
I'm using OpenSSH 4.2p1. The getnameinfo() call in my system libc is broken
and as a result SSH fails saying getnameinfo failed:host nor service
provided.
I'm thinking of using the getnameinfo() call available from the openbsd-compat
directory to get rid of this problem. As this is a production system, we
can't make changes without convincing my sysadmin and managers.
I understand that
2006 Sep 05
2
http://www.openssl.org/news/secadv_20060905.txt
Does anyone know the practicality of this attack ? i.e. is this trivial to do ?
---Mike
--------------------------------------------------------------------
Mike Tancsa, tel +1 519 651 3400
Sentex Communications, mike@sentex.net
Providing Internet since 1994 www.sentex.net
Cambridge, Ontario Canada
2008 Jun 15
7
[Bug 1477] New: ssh-keygen not reading stdin as expected
https://bugzilla.mindrot.org/show_bug.cgi?id=1477
Summary: ssh-keygen not reading stdin as expected
Classification: Unclassified
Product: Portable OpenSSH
Version: 4.7p1
Platform: ix86
OS/Version: OpenBSD
Status: NEW
Severity: normal
Priority: P2
Component: ssh-keygen
AssignedTo:
2010 May 22
4
US "Truth in caller id act"... and it's impact on services
For the 3rd consecutive term, the US Senate has introduced the "Truth in
caller ID Act of 2009".
It was passed by the Senate (finally) in January, and has moved to the
House for a vote.
A lot of states have ambiguous or overly restrictive language on how
caller ID may be manipulated.
For instance, if you have a PBX, and a call comes in from the PSTN,
which you then loop back out
2015 Jan 09
4
dovecot on wheezy, best ssl configuration ?
Hi all, when hardening dovecot against the POODLE vulnerability,
we followed the advice to disable SSL2 and SSL3
but this is giving problems with some email clients (claws-mail).
ssl_protocols = !SSLv2 !SSLv3
results in the following error:
dovecot: pop3-login: Disconnected (no auth attempts in 1 secs): user=<>,
rip=XXX, lip=XXX, TLS handshaking: SSL_accept() failed:
error:1408A0C1:SSL
2012 Apr 19
2
OpenSSL ASN.1 vulnerability: sshd not affected
Hi,
Tavis Ormandy found some bugs in OpenSSL's ASN.1 and buffer code that
can be exploited to cause a heap overflow:
http://lists.grok.org.uk/pipermail/full-disclosure/2012-April/086585.html
Fortunately OpenSSH's sshd is not vulnerable - it has avoided the use
of ASN.1 parsing since 2002 when Markus wrote a custom RSA verification
function (openssh_RSA_verify):
2015 Jun 20
2
sshd and consequences of HostKeyAgent
Hello,
I tried to use HostKeyAgent with sshd 6.7 under Linux. That worked for
Linux clients. However, when I tried to connect from OpenSSH 6.2 under
Mac OS X, the server disconnects:
debug2: bits set: 1026/2048
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
Connection closed by 84.22.97.209
When I disabled HostKeyAgent and switched HostKey back to the private
2008 Jun 15
3
[Bug 1478] New: ssh -V sends output to stderr instead of stdout
https://bugzilla.mindrot.org/show_bug.cgi?id=1478
Summary: ssh -V sends output to stderr instead of stdout
Classification: Unclassified
Product: Portable OpenSSH
Version: 5.0p1
Platform: Other
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P2
Component: Documentation
AssignedTo:
2000 May 31
1
[RHSA-2000:005-05] New majordomo packages available
---------------------------------------------------------------------
Red Hat, Inc. Security Advisory
Synopsis: New majordomo packages available
Advisory ID: RHSA-2000:005-05
Issue date: 2000-01-20
Updated on: 2000-05-31
Product: Red Hat Powertools
Keywords: majordomo
Cross references: N/A
2015 Jan 09
2
dovecot on wheezy, best ssl configuration ?
Hi thanks for your help!
Trying to set your same parameters, when restarting dovecot, gives the
error:
doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf
line 136: Unknown setting: ssl_prefer_server_ciphers
doveconf: Error: managesieve-login: dump-capability process returned 89
doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf
line 136: Unknown setting:
2012 Aug 31
9
[Bug 2040] New: Downgrade attack vulnerability when checking SSHFP records
https://bugzilla.mindrot.org/show_bug.cgi?id=2040
Priority: P5
Bug ID: 2040
Assignee: unassigned-bugs at mindrot.org
Summary: Downgrade attack vulnerability when checking SSHFP
records
Severity: minor
Classification: Unclassified
OS: All
Reporter: ondrej at caletka.cz
Hardware: All
2004 Aug 06
3
(Fwd) [SA11578] Icecast Basic Authorization Denial of Service
For those who haven't received this warning yet.
Anybody from the core can tell about the background and possible
fixes?
Regards,
Stefan
------- Forwarded message follows -------
Date sent: Wed, 12 May 2004 13:50:17 +0200
To: secunia_security_advisories@stefan-neufeind.de
Subject: [SA11578] Icecast Basic Authorization Denial of Service Vulnerability
2017 Nov 14
1
Is there any performance impact in setting up every gluster client as a NFS server?
Hi,
We have around 60 hosts and each of them acts as glusterFs clients as well
as server.
To achieve HA, my understanding is that we can use Ganesha NFS alone (and
not Kernel NFS) and for above 3.10 versions, the HA packages are not ready
yet.
So, I'm thinking if I can avoid HA by making each client acts as server for
itself.
i.e., the server name specified while mounting is localhost.
So,
2017 Nov 15
0
Is there any performance impact in setting up every gluster client as a NFS server?
Hi,
What I meant was that every host acts as nfs server for itself alone. A is
mounted on A, B is mounted on B etc. So, if a host is crashed or storage of
the host is not available, other hosts won't be affected.
And how bad can be the performance overhead in having multiple nfs servers?
Regards,
Jeevan.
On Nov 15, 2017 10:07 AM, "Soumya Koduri" <skoduri at redhat.com>
2004 Dec 16
1
CAN-2004-1154 : Integer overflow could lead to remote code execution in Samba 2.x, 3.0.x <= 3.0.9
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
==========================================================
==
== Subject: Possible remote code execution
== CVE ID#: CAN-2004-1154
==
== Versions: Samba 2.x & 3.0.x <= 3.0.9
==
== Summary: A potential integer overflow when
== unmarshalling specific MS-RPC requests
== from clients could lead to heap
== corruption and remote code execution.
2008 May 15
0
Impact of the Debian OpenSSL vulnerability
A severe vulnerability was found in the random number generator (RNG)
of the Debian OpenSSL package, starting with version 0.9.8c-1 (and
similar packages in derived distributions such as Ubuntu). While this
bug is not present in the OpenSSL packages provided by CentOS, it may
still affect CentOS users.
The bug barred the OpenSSL random number generator from gaining enough
entropy required for
2013 Dec 05
14
Re: Question about TCP checksum offload in Xen
On Tue, Dec 03, 2013 at 01:00:23PM +0000, Balraj Singh wrote:
> Hi,
>
> I'm working on verifying TCP checksums on incoming packets in Mirage, but
> I've run into a bit of a problem.
>
> If TCP checksum offload is turned on on a virtual interface (this is the
> default), and if the TCP connection is local to the machine, it looks like
> Xen does not
2006 Sep 06
0
FreeBSD Security Advisory FreeBSD-SA-06:19.openssl
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=============================================================================
FreeBSD-SA-06:19.openssl Security Advisory
The FreeBSD Project
Topic: Incorrect PKCS#1 v1.5 padding validation in crypto(3)
Category: contrib
Module: openssl
2006 Sep 21
5
Testing for the 4.4p1 release, round 2
Hi all.
As most of you know, we are preparing OpenSSH 4.4p1 for release. We have
had one round of testing and I would like to thank all who responded.
We believe that most of the problems reported have been resolved.
If you are so inclined, we would appreciate a quick retest to ensure
that the fixed ones remain fixed and the working ones remain working.
Of the problems identified, I am only