similar to: [PATCH] Tighten /etc/crontab permissions

Displaying 20 results from an estimated 4000 matches similar to: "[PATCH] Tighten /etc/crontab permissions"

2005 Jul 03
2
bind() on 127.0.0.1 in jail: bound to the outside address?
Dear folks, It seems that doing bind() inside a jail (whose IP address is an outside address), will result in some weird behavior, that the actual bind is done on the outside address. For example, binding to 127.0.0.1:6666 inside a jail addressed 192.168.1.1, will finally result in a bind to 192.168.1.1:6666. With this in mind, it is possible that some formerly secure configuration fail in jail
2004 Nov 10
2
Is there any way to know if userland is patched?
Dear folks, I'm recently investigating large scale deployment and upgrading FreeBSD RELEASE. It's our tradition to bump "RELEASE-pN" after a security patch is applied, however, it seems that there is less method to determine whether the userland is patched, which is somewhat important for large site managements. So is "uname -sr" the only way to differentiate the
2003 Oct 23
3
/var partition overflow (due to spyware?) in FreeBSD default install
All: I'm posting this to FreeBSD-security (rather than FreeBSD-net) because the problems I'm seeing appear to have been caused by spyware, and because they constitute a possible avenue for denial of service on FreeBSD machines with default installs of the operating system. Several of the FreeBSD machines on our network began to act strangely during the past week. Some have started to
2001 Apr 06
3
$MAIL surprise
I got email yesterday from a user who had run 'from' and got the message "No mail in /home/stevev/$USER" (where $USER was that person's username). At first I thought he had pilfered my .bashrc, but on further investigation I discovered that my home directory path had been compiled in to sshd, because the configuration tests assume that the directory part of $MAIL is the
2004 Feb 05
2
Status Check: CVE CAN-2004-0002
Hi, Just want to ask about the status of this:- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0002 From list archives I gather the fix is still under refinement (but committed (and removed?) in HEAD and RELENG_5_2). One paranoid little shop is running a public web server on RELENG_4_9, and contemplating this patch:-
2004 Sep 14
1
multiple vulnerabilities in the cvs server code
Hello! Port security/portaudit reports the following problem: Affected package: FreeBSD-491000 Type of problem: multiple vulnerabilities in the cvs server code. Reference: <http://www.FreeBSD.org/ports/portaudit/d2102505-f03d-11d8-81b0-000347a4fa7d.html> Note: To disable this check add the uuid to `portaudit_fixed' in /usr/local/etc/portaudit.conf I have 2 related questions: 1)
2000 Sep 08
6
-1 and friends
Yo All! Well I work on a diverse number of OS's with a diverse number of clients. Some use F-Secure, SecureCRT, PuTTY, SSH.COM. OpenSSH, etc. with a wide variety of versions between each, some from source, some from rpms, etc... Basically a lot of legacy stuff that no one has the time to update. In fact I am working on a couple of OpenSSH config problems in the last few days. Sometimes we
2004 Dec 27
4
Found security exploit in port phpBB 2.0.8 FreeBSD4.10
I think, there is a neat exploit in the phpbb2.0.8 because I found my home page defaced one dark morning. The patch for phpBB is here. http://www.phpbb.com/downloads.php The excerpt of the log is attached. I believe the link to the described exploit is here. http://secunia.com/advisories/13239 The defacement braggen page is here filter to show the exploited FreeBSD machines that aneurysm.inc
2008 Dec 02
8
RELENG_7_1: bce driver change generating too much interrupts ?
Since last upgrade, I see much more CPU time "eated" by interrupts (at least 10% cpu in top) (see http://dgeo.perso.ec-marseille.fr/cpu-week.png) The server behave correctly (Or seems to?), and high interrupt number seems to come from bce cards (source: systat -vmstat) I just upgraded from "RELENG_7 Mon Sep 8 12:33:06 CEST 2008" to "RELENG_7_1 Sat Nov 29 16:20:35 CET
2007 Jan 13
3
Permission denied by op
i am invoking op from a python proggy which does an op.system() of op chmod 640 /usr/local/etc/tac_plus.conf i get "Permission denied by op" % ls -l /usr/local/etc/op.access -r-------- 1 root wheel 149 Jan 13 07:41 /usr/local/etc/op.access % cat /usr/local/etc/op.access # 2007.01.13 # #DEFAULT users=src # chown /usr/sbin/chown $* ; users=src chmod /bin/chmod $* ; users=src
2015 May 16
4
charset_to_utf8 assertion of remaining src_size
On 16 May 2015, at 09:39, Xin Li <delphij at delphij.net> wrote: > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA512 > > Hi, > > On 5/15/15 10:58, Xin Li wrote: >> Hi, >> >> I have seen the following assertion fails on my own mail server >> (indexer-worker): >> >> Panic: file charset-iconv.c: line 132 (charset_to_utf8):
2009 Sep 15
3
FreeBSD bug grants local root access (FreeBSD 6.x)
Hi, Any info on this subject on http://www.theregister.co.uk/2009/09/14/freebsd_security_bug/ -- Frederique
2008 Jan 23
1
FreeBSD 6.3-Release + squid 2.6.17 = Hang process.
Hi: We have a machine running 6.2-R-p10 and squid 2.6.17, and upgrade it to 6.3R yesterday, but squid will hang and eat 100% cpu time after restart about 1 hour later, machine still alive, and no response from squid. downgrade to 6.2-R-p10, everything ok again.. here is some information: machine type: FreeBSD 6.3-RELEASE #0: Wed Jan 23 01:58:39 CST 2008 CPU: Intel(R) Xeon(TM) CPU 2.40GHz
2003 Aug 20
1
5.1-R: zero byte core file.
While using 5.1-RELEASE, I find that if my application program seg faults, it produces "programname.core"; but it is 0 bytes. I ran the exact same program on another machine that was running 4.4-RELEASE, and I do get a core file that I can use with gdb. I'd really appreciate if someone could help me resolve this. Additional details: - It is not specific to the application
2011 Jun 08
4
On-delivery deduplication?
Hi, A feature of Cyrus-IMAPd I really missed after migrated to Dovecot is their optional "duplicate suppression", which eliminates duplicate message at deliver time, if their envelope sender, recipient and message-id matches. For example, if one subscribes to a mailing list, and someone hit "Reply All" to reply to him, there
2004 Aug 11
1
FreeBSD-SA-04:13.linux in the wild
Has anyone else seen this in the wild? We just had an attempted attack yesterday from a live attacker on one of our machines using this vulnerability. It wasn't all that clever, and they're long gone, but I *did* manage to catch them in the act and grab a copy of the binary they tried to run from /tmp/, as well as the PHP injection code they used to subvert a virtual web site's
2008 Dec 15
1
bce reporting phantom input errors?
Hi, After changing cables,switches,ports, I came to the conclusion that bce is reporting input errors that are not there, or creating them. I checked this with 3 different boxes, all Dell-2950/Broadcom NetXtreme II BCM5708 1000Base-T (B2), and one of them, while running Solaris, reported 0 errors after a week, and freebsd after a few minutes its count was > 100. The errors appear under
2008 Apr 08
4
ZFS deadlock
Hello A box of mine running RELENG_7_0 and ZFS over a couple of disks (6 disks, 3 mirrors) seems to have gotten stuck. From Ctrl-T: load: 0.50 cmd: zsh 40188 [zfs:&buf_hash_table.ht_locks[i].ht_lock] 0.02u 0.04s 0% 3404k load: 0.43 cmd: zsh 40188 [zfs:&buf_hash_table.ht_locks[i].ht_lock] 0.02u 0.04s 0% 3404k load: 0.10 cmd: zsh 40188 [zfs:&buf_hash_table.ht_locks[i].ht_lock]
2008 Apr 30
2
[RFC] FreeBSD port for dovecot 1.1 series
Hi, I have put together a preliminary patchset for dovecot 1.1 at: http://people.freebsd.org/~delphij/misc/dovecot-1.1-rc4.diff My intention is to repocopy the current dovecot port to dovecot11 and make changes on the latter. In this version of patchset, I have intentionally removed the following chunk of change which by default allows gid=0
2015 May 15
2
charset_to_utf8 assertion of remaining src_size
Hi, I have seen the following assertion fails on my own mail server (indexer-worker): Panic: file charset-iconv.c: line 132 (charset_to_utf8): assertion failed: (*src_size - pos <= CHARSET_MAX_PENDING_BUF_SIZE) However, when charset_to_utf8_try returns FALSE (e.g. iconv() got EINVAL or EILSEQ), the for loop in charset_to_utf8 may end earlier,