similar to: what percent of time are there unpatched exploits against default config?

With companies like Facebook and Google offering cash prizes for people who can find security holes in their products, has there ever been any consideration given to offering cash rewards to people finding security exploits in CentOS or in commonly bundled services like Apache? (Provided of course they follow "responsible disclosure" and report the exploit to the software authors

(Sorry, third time -- last one, promise, just giving it a subject line!) OK, a second machine hosted at the same hosting company has also apparently been hacked. Since 2 of out of 3 machines hosted at that company have now been hacked, but this hasn't happened to any of the other 37 dedicated servers that I've got hosted at other hosting companies (also CentOS, same version or almost),

Hi List, Looks like this affects on centos 5 and is unpatched like on rhel 5? https://access.redhat.com/articles/1537873 Trying to test if this affects on centos 5. can someone compile this exploit on centos 5? https://www.qualys.com/research/security-advisories/roothelper.c any ideas how to compile it on centos 5? -- Eero

well, very sad to hear as I use commercial rhel 5 and paying for it.. Eero 2015-08-13 19:57 GMT+03:00 Johnny Hughes <johnny at centos.org>: > On 08/12/2015 10:43 PM, Eero Volotinen wrote: > > Hi List, > > > > Looks like this affects on centos 5 and is unpatched like on rhel 5? > > > > https://access.redhat.com/articles/1537873 > > > > Trying to

If an attacker finds an exploit to take control of httpd, they're still blocked in part by the fact that httpd runs as the unprivileged apache user and hence can't write any root-owned files on the system, unless the attacker also knows of a second attack that lets apache escalate its privilege. Basically correct? What about sshd -- assuming that the attacker can connect to sshd at

Ever since someone told me that one of my servers might have been hacked (not the most recent instance) because I wasn't applying updates as soon as they became available, I've been logging in and running "yum update" religiously once a week until I found out how to set the yum-updatesd service to do the equivalent automatically (once per hour, I think). Since then, I've

https://bugzilla.redhat.com/show_bug.cgi?id=432251 Mentioned on Slashdot here: http://it.slashdot.org/article.pl?sid=08/02/10/2011257 Fedora bug report here: https://bugzilla.redhat.com/show_bug.cgi?id=432229 -- MELVILLE THEATRE ~ Melville Sask ~ http://www.melvilletheatre.com

Hello. Recently I discovered some kind of exploit of openssh used against me. For configuration info, I am using Mandrake 8.2 with the openssh package openssh-3.1p1-1mdk. Fortunately, I was at least somewhat security-aware, and have an AllowUsers parameter in my sshd config file. I Used to allow only public key logins, but ditched that when I found myself needing access from multiple places. I

http://wiki.centos.org/HowTos/SELinux says: "Access is only allowed between similar types, so Apache running as httpd_t can read /var/www/html/index.html of type httpd_sys_content_t." however the doc doesn't define what "similar types" means. I assumed it just meant "beginning with the same prefix". However that can't be right because on my system with

On Wed, February 15, 2017 10:22 am, Chris Adams wrote: > Once upon a time, Leonard den Ottolander <leonard at den.ottolander.nl> said: >> On Wed, 2017-02-15 at 09:47 -0600, Johnny Hughes wrote: >> > 2. They already have shell access on the machine in question and they >> > can already run anything in that shell that they can run via what you >> > are

There's an article on slashdot about the Duqu team wiping all their intermediary c&c servers on 20 Oct. Interestingly, the report says that they were all (?) not only linux, but CentOS. There's a suggestion of a zero-day exploit in openssh-4.3, but both the original article, and Kaspersky labs (who have a *very* interesting post of the story) consider that highly unlikely, and the

Does anyone know off hand what the longest known serious security issue (i.e. remote compromise) has been with FreeBSD that went unpatched ? e.g. security hole is reported to security-officer@FreeBSD.org. X days later, fix and advisory committed. What has been the largest X ? My jaw dropped when I saw http://www.eeye.com/html/Research/Upcoming/index.html ---Mike

My home machine has IP 50.54.225.130. I have (for the purposes of this experiment) one remote machine at www.peacefire.org (69.72.177.140) and another at www.junkwhale.com. When I'm logged in to peacefire, I run this perl script to open an ssh connection to junkwhale and run a command: my $hostname="www.junkwhale.com"; my $server_password = "[redacted!]"; use Net::SFTP;

Some time ago one of my customer's computers was compromised by outside attackers, and though we were able to clean it up I never learned how. A few weeks back, my own office machine was hacked and the signs were similar; but this time I found an exploit program named "kulak" in my /tmp directory. Evidently (according to the source, which the attacker left behind also) kulak

It has come to my attention that there are quite a few local exploits circling around in the private sector for GID Games. Several of the games have vanilla stack overflows in them which can lead to elevation of privileges if successfully exploited.

On 08/12/2015 10:43 PM, Eero Volotinen wrote: > Hi List, > > Looks like this affects on centos 5 and is unpatched like on rhel 5? > > https://access.redhat.com/articles/1537873 > > Trying to test if this affects on centos 5. can someone compile this > exploit on centos 5? > https://www.qualys.com/research/security-advisories/roothelper.c > > any ideas how to

On 08/13/2015 12:41 PM, Eero Volotinen wrote: > well, very sad to hear as I use commercial rhel 5 and paying for it.. > Well, in that case, I would recommend RHEL-6 or RHEL-7 for your RHEL-5 workloads :) > > 2015-08-13 19:57 GMT+03:00 Johnny Hughes <johnny at centos.org>: > >> On 08/12/2015 10:43 PM, Eero Volotinen wrote: >>> Hi List, >>>

Thank you, Philipp. It was things like buffer overflow attacks once connected as a source that I was concerned about. It's reassuring to hear that Icecast server is not exploitable. The Best Practices you suggested are good ones, I'll discuss them with station management. -- Jack Elliott Director of Classical Music Programming High Desert Community Radio KPOV Bend, Oregon On 11/23/23

I seem to have stumbled across another vulnerability in DIP. It appears to allow any user to gain control of arbitrary devices in /dev. For instance, I have successfully stolen keystrokes from a root login as follows... (I could also dump characters to the root console) $ whoami cesaro $ cat < /dev/tty1 <------ root login here bash: /dev/tty1: Permission denied

On 24 Nov 2023, at 15:37, Jack Elliott wrote: > Thank you, Philipp. It was things like buffer overflow attacks once connected as a source that I was concerned about. It's reassuring to hear that Icecast server is not exploitable. The Best Practices you suggested are good ones, I'll discuss them with station management. > I don?t think you can assert with absolute confidence for any