similar to: [RHSA-1999:042-01] screen defaults to not using Unix98 ptys

--------------------------------------------------------------------- Red Hat, Inc. Security Advisory Synopsis: Security problems in WU-FTPD Advisory ID: RHSA-1999:043-01 Issue date: 1999-10-21 Updated on: Keywords: wu-ftp security remote exploit Cross references: --------------------------------------------------------------------- 1. Topic: Various computer security groups have

-----BEGIN PGP SIGNED MESSAGE----- - --------------------------------------------------------------------- Red Hat, Inc. Security Advisory Synopsis: Security problems in WU-FTPD Advisory ID: RHSA-1999:043-01 Issue date: 1999-10-21 Updated on: Keywords: wu-ftp security remote exploit Cross references: - --------------------------------------------------------------------- 1. Topic:

This and the following 2 messages are from linux-watch@redhatc.com Dan ___________________________________________________________________________ Dan Yocum | Phone: (630) 840-8525 Linux/Unix System Administrator | Fax: (630) 840-6345 Computing Division OSS/FSS | email: yocum@fnal.gov .~. L Fermi National Accelerator Lab | WWW:

Well, last night, my box was hit again.. same symptoms: All attempts to connect remotely receive a connection, but a login prompt never comes up. When I went to the console and turned on the monitor, I had the login prompt, but written on to the screen was the message IPMASQ: Reverse ICMP: Checksum error from xxx.xxx.xxx.xxx So, on this occasion, I thought I would post a summary of the

For those who are unaware... [mod: This whole bind affair has gone a bit out of hand. Elias from Bugtraq found "public" info indicating the problem. ISC/CERT were working on releasing the bugfix together with the fix. Now everybody is scurrying to get fixes out now that "the public" knows about this. As far as I know, Red Hat (& Caldera) made a new RPM, based on the most

--------------------------------------------------------------------- Red Hat, Inc. Security Advisory Synopsis: remote root exploit (SITE EXEC) fixed Advisory ID: RHSA-2000:039-02 Issue date: 2000-06-23 Updated on: 2000-06-23 Product: Red Hat Linux Keywords: wu-ftpd, root exploit, site exec, buffer overrun Cross references: N/A

The instructions in RHSA-2000:037-01 (2.2.16 kernel update) tell you: 4. Solution: For each RPM for your particular architecture, run: rpm -Fvh [filename] where filename is the name of the RPM. These instructions are incomplete and may result in a system that is unbootable. After updating the RPM files, you should also: (1) run mkinitrd to create a new initial ramdisk image

Freshmeat says: Following up to yesterday's Linux 2.0.38 release, Alan Cox sent out a security notice about a remote network DoS vulnerability which is present in all Linux 2.0.x systems. Linux 2.2.x is not affected by this bug. Causing this requires a great deal of skill and probably a reasonably local network access as it is extremely timing dependant. Nevertheless everyone is advised to

-----BEGIN PGP SIGNED MESSAGE----- - --------------------------------------------------------------------- Red Hat, Inc. Security Advisory Synopsis: gpm Advisory ID: RHSA-2000:009-02 Issue date: 2000-04-07 Updated on: 2000-04-10 Product: Red Hat Linux Keywords: gpm gpm-root gid 0 priviledge Cross references: N/A -

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ______________________________________________________________________________ Caldera Systems, Inc. Security Advisory Subject: wu-ftpd vulnerability Advisory number: CSSA-2000-020.0 Issue date: 2000 June, 23 Cross reference: ______________________________________________________________________________ 1. Problem Description There is

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-99:03 Security Advisory FreeBSD, Inc. Topic: Three ftp daemons in ports vulnerable to attack. Category: ports Module: wu-ftpd and proftpd

Package: logcheck Version: 1.2.69 Severity: normal In the file /etc/logcheck/ignore.d.server/wu-ftpd ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ wu-ftpd: PAM-listfile: Refused user [._[:alnum:]-]+ for service wu-ftpd$ should be ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ wu-ftpd\[[0-9]{4}\]: PAM-listfile: Refused user [._[:alnum:]-]+ for service wu-ftpd$ There is a number after "wu-ftpd" -- System

___________________________________________________________________________ Dan Yocum | Phone: (630) 840-8525 Linux/Unix System Administrator | Fax: (630) 840-6345 Computing Division OSS/FSS | email: yocum@fnal.gov .~. L Fermi National Accelerator Lab | WWW: www-oss.fnal.gov/~yocum/ /V\ I P.O. Box 500 |

___________________________________________________________________________ Dan Yocum | Phone: (630) 840-8525 Linux/Unix System Administrator | Fax: (630) 840-6345 Computing Division OSS/FSS | email: yocum@fnal.gov .~. L Fermi National Accelerator Lab | WWW: www-oss.fnal.gov/~yocum/ /V\ I P.O. Box 500 |

Hello, openssh-3.0.1p1 appears to transmit and parse tty modes correctly, but later in the code it uses vhangup() to close all tty references and reset the tty to default modes. I don't think that vhangup() should be needed on Unix98 ptys, possibly not even on BSD ptys, and I am probably wrong, so please tell me where. Of course vhangup() clears all tty modes, so you need to save them

After installing redhat4.1 I found that a few serious bug fixes announced in Jan 97 was not included in the distribution. First of them -- a SERIOUS SECURITY BUG in wu-ftpd allowing any user gain a root acces to files. Patch was posted in redhat-announce list and included in wu-ftpd-2.4.2b11-9. Second: a bug in wu-ftpd -- ftpd doesn''t perform any log for real user and ignores

---------- Forwarded message ---------- Date: Fri, 22 Oct 1999 20:30:27 -0700 (PDT) From: David Cantrell <david@slackware.com> To: slackware-security@slackware.com Subject: CA-99-13: wu-ftpd upgrade available ATTENTION: All users of Slackware 4.0 and Slackware-current REGARDING: CERT Advisory CA-99-13 Multiple Vulnerabilities in WU-FTPD The recent CERT advisory reporting multiple

___________________________________________________________________________ Dan Yocum | Phone: (630) 840-8525 Linux/Unix System Administrator | Fax: (630) 840-6345 Computing Division OSS/FSS | email: yocum@fnal.gov .~. L Fermi National Accelerator Lab | WWW: www-oss.fnal.gov/~yocum/ /V\ I P.O. Box 500 |

-----BEGIN PGP SIGNED MESSAGE----- ##### ## ## ###### ## ### ## ## ##### ## # ## ## ## ## ### ## ##### . ## ## . ###### . Secure Networks Inc. Security Advisory

Author: casper Repository: /hg/zfs-crypto/gate Revision: 24515d11f294677252853b5e1eb496c66b1e06e8 Log message: 6395215 UNIX03/UNIX98: *vsx* addition of mkstemps breaks namespace Files: update: usr/src/head/stdlib.h