Displaying 20 results from an estimated 1000 matches similar to: "loginmsg bug"
2012 Aug 01
5
[Full-disclosure] nvidia linux binary driver priv escalation exploit
Hi all!
I found this today on FD:
http://seclists.org/fulldisclosure/2012/Aug/4
2010 Sep 18
2
Ac1dB1tch3z Vs Linux Kernel x86_64 0day
Are there any 64bit CentOS5 kernels available that are immune against
the exploit mentioned in the subject? Turning off 32bit support is no
option to me..
Gerhard Schneider
P.S.: Source code can be found at
http://seclists.org/fulldisclosure/2010/Sep/268 and is working "well" on
2.6.18-194.11.3.el5.centos.plus
--
Gerhard Schneider
Institute of Lightweight Design and e-Mail: gs
2000 May 15
1
AIX authenticate patches
Here are some patches to re-enable support for AIX's authenticate
routines. With them, ssh will honor locked & unlocked accounts, record
successful and unsuccessful logins, and deny accounts that are
prohibited to log in via the network. Tested with AIX 4.3.
It also includes a fix for handling SIGCHLD that may be needed for
other platforms (HP-UX 10.20, for example).
If I get the time
2002 Oct 13
1
[PATCH] AIX password expiration
Hi All.
With one eye on the do_pam_chauthtok() stuff I've merged contributions
by Pablo Sor and Mark Pitt into a patch against -current. I'm
interested in testers and suggestions for improvements.
The patch extends the loginrestrictions test to include expired
accounts (but unlike Mark's patch, doesn't log accounts with expired
passwords unless they're locked) and adds
2003 Jul 05
0
[PATCH] Replace AIX loginmsg with generic Buffer loginmsg
Hi All.
I've decided to try to merge the -Portable parts of the password expiry
patch (see bug #14) that do not depend on the OpenBSD change in bug #463.
The attached patch is the first step in this process. It removes the
AIX-specific "char *aixloginmsg" and replaces it with a platform-neutral
"Buffer loginmsg". I think this is worth having in -Portable even if it
2000 Jan 19
3
AIX openssh patches
I have a few patches for AIX. The patchfile is attached below. The patch
has been tested on AIX4.2 and AIX4.3. The patch is on openssh-1.2.1pre25,
with openssl-0.94, using RSAref.
1) authenticate support - this function allows the system to determine
authentication. Whatever the system allows for login, authenticate
will too. It doesn't matter whether it is AFS, DFS, SecureID, local.
2016 Jul 19
2
Openssh use enumeration
Hi, sorry, I don't know if I sent this to the correct channel.
I have noticed that OpenSSH has recognized the presence of the user
enumeration as a vulnerability,
http://seclists.org/fulldisclosure/2016/Jul/51 (CVE-2016-6210).
I want to make an appreciation, this is an old vulnerability
already announced three years ago.
2001 Nov 05
2
Security - ssh allows unintended access on AIX
Under AIX there are three security settings:
expires = a fixed date at which an account is no longer valid
maxage= weeks before a password expires
maxexpires=max weeks during which a password can be changed by a user after
expiration AFTER WHICH ACCESS IS NOT ALLOWED
Beauty of maxage with expires is, that no manual intervention is required
to block inactive users.
With maxage=5 and expires=1 an
2006 Feb 16
2
PAM and passwd age warnings again.
Hi all,
This is a patch against 4.2p1 (compiling for a Linux --- an old, highly
customized 7.2 to be specific). When I compiled it from your original
source, installed it, and turned on PAM (for passwd aging), I couldn't
get the passwd expiration warnings as specified in /etc/shadow to work
at all (the message that is supposed to warn you as you're logging in
that your passwd will expire
2012 Jun 08
13
Default password hash
We still have MD5 as our default password hash, even though known-hash
attacks against MD5 are relatively easy these days. We've supported
SHA256 and SHA512 for many years now, so how about making SHA512 the
default instead of MD5, like on most Linux distributions?
Index: etc/login.conf
===================================================================
--- etc/login.conf (revision
2002 Mar 21
0
[Bug 178] New: Content of /etc/nologin isn't shown to users, fix triggers probably AIX bug
http://bugzilla.mindrot.org/show_bug.cgi?id=178
Summary: Content of /etc/nologin isn't shown to users, fix
triggers probably AIX bug
Product: Portable OpenSSH
Version: 3.1p1
Platform: PPC
OS/Version: AIX
Status: NEW
Severity: normal
Priority: P2
Component: sshd
AssignedTo:
2007 May 19
2
PAM exec patch to allow PAM_AUTHTOK to be exported.
I figure someone here may find this interesting. I just began work
on allowing a smb home directory to be automounted upon login.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: pam_exec.c.diff
Type: text/x-patch
Size: 213 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-security/attachments/20070519/19e6bd01/pam_exec.c.bin
2003 Jul 11
3
Login.Access
Login seems to be ignoring my /etc/login.access settings.
I have the following entries (see below) in my login.access, yet any new
user (not in the wheel group) is still allowed to login. What am I missing?
# $FreeBSD: src/etc/login.access,v 1.3 1999/08/27 23:23:42 peter Exp $
#
-:ALL EXCEPT wheel:console
-:ALL EXCEPT wheel:ALL
Thanks,
--
Scott Gerhardt, P.Geo.
Gerhardt Information
2003 May 10
7
[Bug 463] PrintLastLog doesn't work in privsep mode
http://bugzilla.mindrot.org/show_bug.cgi?id=463
------- Additional Comments From dtucker at zip.com.au 2003-05-10 12:59 -------
I've had a look at the OpenBSD source and I don't think OpenBSD *needs* a
"Buffer loginmsg" right now. PrintLastLog can be easily fixed by updating
s->last_login_time before the privsep split.
So, is there another reason OpenBSD needs (or
2004 Feb 26
2
HEADS UP: OpenSSH 3.8p1
Take the usual precautions when upgrading.
Also note that I have changed some configuration defaults: the server
no longer accepts protocol version 1 nor password authentication by
default. If your ssh client does not support ssh protocol version 2
or keyboard-interactive authentication, the recommended measures are:
1) get a better client
2) get a better client (I mean it)
3) get a better
2016 Mar 04
2
Using 'ForceCommand' Option
Lesley Kimmel <lesley.j.kimmel at gmail.com> writes:
> So I probably shouldn't have said "arbitrary" script. What I really
> want to do is to present a terms of service notice (/etc/issue). But I
> also want to get the user to actually confirm (by typing 'y') that
> they accept. If they try to exit or type anything other than 'y' they
> will be
2008 Aug 15
2
SSH Command Line Password Support
Hello,
I am interested in an ssh that is not interactive in requesting the password, i.e., whereas I can specify the password in the command line when calling SSH.
I have wondered how such a feature has not been included in such a good client, as it seems there are many (and I have searched for this) people who require this capability for their scripts/automation.
I understand the possibility of
2016 Mar 11
2
OpenSSH Security Advisory: xauth command injection
Nico Kadel-Garcia <nkadel at gmail.com> writes:
> Dag-Erling Smørgrav <des at des.no> writes:
> > Some OS distributions (FreeBSD, RHEL / CentOS, probably Fedora) have
> > X11Forwarding enabled by default.
> I'm not sure I see your point.
With X11Forwarding off by default, one would assume that it is only
enabled on a case-by-case basis for users or groups who
2012 Sep 18
8
Collecting entropy from device_attach() times.
Hi.
I experimented a bit with collecting entropy from the time it takes for
device_attach() to run (in CPU cycles). It seems that those times have
enough variation that we can use it for entropy harvesting. It happens
even before root is mounted, so pretty early.
On the machine I'm testing it, which has minimal kernel plus NIC driver
I see 75 device_attach() calls. I'm being very careful
2016 Mar 11
2
OpenSSH Security Advisory: xauth command injection
Nico Kadel-Garcia <nkadel at gmail.com> writes:
> I'm just trying to figure out under what normal circumstances a
> connection with X11 forwarding enabled wouldn't be owned by a user who
> already has normal system privileges for ssh, sftp, and scp access.
Some OS distributions (FreeBSD, RHEL / CentOS, probably Fedora) have
X11Forwarding enabled by default.
DES
--