similar to: Forwarded mail....

[Mod: Forwarded from bugtraq -- alex] Hi! I''m sorry if the information I''m going to tell about was already known, but I hope it wasn''t... I just occasionally found a vulnerability in Linux libc (actually, some of the versions seem not to be vulnerable; my Slackware 3.1 box was though). Unfortunately, I have no time for a real investigation right now, but

Summary: Any user can gain root privileges on a Intel Linux system with suidperl 5.003 (having the suid bit, of course) even if "SUIDBUF" and "two suidperl security patches" have been applied. Non-Intel / non-Linux platforms may be affected as well. Quick fix: chmod u-s /usr/bin/sperl5.003 (what else?) Details: There is a nasty bug in mess() (util.c): it is possible to

cxterm is a Chinese terminal emulator for the X Window System. It''s installed as suid-root by default if you did a make install. Just like xterm, it does needs to be suid to update /etc/utmp...blahblah... I discovered some buffer overflow bugs in it. The code attached below is the exploit. Quick fix? chmod -s /path/cxterm

On Tue, Nov 09, 1999 at 11:39:39AM +0100, Mariusz Marcinkiewicz wrote: > After reading lcamtuf's posts I decided write this one. Few months ago one > of my friends - digit - found bug in linux nfsd daemon. I made example > sploit about IV 1999. Now in distributions is new nfsd and nowhere was > information about security weaknes of old version! Well, one gets used to people

I just had a peek at the anaconda source for Fedora 21. Apparently you can waive the password strength tests (and the non-ASCII tests) by simply clicking "Done" twice. def _checkPasswordASCII(self, inputcheck): """Set an error message if the password contains non-ASCII characters. Like the password strength check, this check can be bypassed by

On 02/04/2015 04:55 PM, Warren Young wrote: > Unless you have misconfigured your system, anyone who can copy > /etc/shadow already has root privileges. They don?t need to crack your > passwords now. You?re already boned. Not exactly. There have been remotely exploitable vulnerabilities where an arbitrary file could be read (not written), but otherwise root access wasn't given

Hi there, I am running MCMCpack (MCMCirt1d model) on some files (26 items x about 800 – 1200 individuals). I have a problem. When I am working on “big” files, the R program crashes. More precisely I got the following Microsoft Warning: ******************************************* Microsoft Visual C++ Runtime Library Runtime Error! Program: C:\Program Files\R\R-2.4.1\bin\Rgui.exe

I noticed this mentionned in the archives but the issue was never resolved. Evidently performing smbclient tar restores is excruciatingly slow. I noticed this while trying to restore my amanda backups to a w95 machine over samba - well over 24 hours for 850 MB. Does anyone have any idea why this is happening? Is there anything I can tweak or change to fix this? Restores at this speed make my

----- Forwarded message from Louis Kowolowski <louisk@bend.com> ----- Date: Thu, 28 Aug 2003 11:37:42 -0700 From: Louis Kowolowski <louisk@bend.com> To: freebsd-security@freebsd.org Subject: snort, postgres, bridge User-Agent: Mutt/1.5.4i I've been prowling through the FreeBSD and Snort list archives in search of information on setting up snort on a FreeBSD bridge(4) that logs

Section I. Overview Hello, About a half year ago there was some rumour on bugtraq concerning a buffer overflow in Linux dynamic linkers, ld.so and ld-linux.so. You can take a look at the beginning of the thread at http://www.geek-girl.com/bugtraq/1997_3/0089.html to refresh old memories; I''ll capitalize anyway. Briefly, there exists a buffer overrun in ld-linux.so versions 1.7.14,

Thank you for the quick response Thorvald, but I think that's not the problem here :[ I know how to capture the buffer and how to play it in the output buffer of the DS. The problem is (probably) with same kind of short/floats/bytes error in conversion/copying that the coder doesn't get. I can have my buffer locked during the compression, it not the problem at the moment. What I really

Hi, I have a module sampling raw PCM data on Win CE as 10ms time slice (160 bytes), mono, 8000HZ, 16 bits per sample. Does anyone know what is the mflops for using fixed point on a Win CE compared to using floating point? Looking at the manual, "In practice, frame_size will correspond to 20 ms when using 8, 16, or 32 kHz sampling rate." for a 8 kHz sampling, the framesize should be

I am using the script below to simulate a very low bandwidth connection. I found that I could turn the bandwidth knob down to about 4kbit, but below that I didn''t get any traffic through. I''ve had a look at this generally, but couldn''t find an answer. It doesn''t even seem like the first reply packet gets through. I have tried it with much bigger buffers,

Shawn sent me a copy of the non-Direct Sound version of this output plugin, and I'm hosting it on my web site's rare software page: http://members.lycos.co.uk/bhafool1/rarities/ I've found it adds far more smoothness and clarity to various low sample-rate audio files, including an 80-minute speech I mentioned previously, due to my soundcard's approach to D-to-A conversion

Full_Name: Brian Aukema Version: 1.6 OS: Windows XP Professional Submission from: (NULL) (144.92.164.204) platform i386-pc-mingw32 arch i386 os mingw32 system i386, mingw32 status major 1 minor 6.0 year 2002 month 10 day 01 language R Hello, I am relatively new to

On Thu, May 17, 2012 at 3:25 PM, Nick Kledzik <kledzik at apple.com> wrote: > I now have an implementation of FileOutputBuffer (OutputBuffer was already taken).  The patch supports the functionality listed below and I've tested that it works for lld. > > To implement the FileOutputBuffer, I needed to add some more functions to llvm/Support/FileSystem.h, including: >  

Hola: Para el desarrollo del nuevo PluginR de Tiki (para poder ejecutar scripts de R desde Tiki: en páginas Wiki, hojas de cálculo web, etc, http://dev.tiki.org/PluginR ), por ahora estamos usando la lista de funciones que se usaban en el proyecto r-php, y que fueran heredadas por la extensión R de MediaWiki. Como r-php se hizo hace algunos años (2006), me pregunto si alguien sabe si hay

Hi, (this is my first post here) A previous thread, starting Date: Tue 19 Nov 2002 - 06:09:56 EST "[vorbis] need speech and music in one" http://www.xiph.org/archives/vorbis/200211/0142.html expressed needs similar to mine, to encode a lengthy speech at low bitrate. I did some tests initially in September then concluded in December, and I was surprised to find Vorbis to be the best

Before anything else, let me state this: Of course it''s going to be PAINFULLY slow on MRI. That''s not the point :) I thought I''d try out writing out a Ruby version of the parser for the purposes of Rubinius. For those of you who aren''t aware, Ragel supports a goto-driven FSM on Rubinius by injecting assembly directly, and Rubinus head honcho guy Evan Phoenix

What is this??????????????????????????????????????? > -----Original Message----- > From: samba@samba.org [mailto:samba@samba.org] > Sent: Tuesday, October 05, 1999 3:06 AM > To: Bernhard Bruscha > Subject: SAMBA digest 2259 > > > SAMBA Digest 2259 > > For information on unsubscribing see http://samba.org/listproc/ > Topics covered in this issue include: