similar to: SECURITY: RHSA-1999:033 Buffer overflow problem in the inews program

This message is in MIME format. The first part should be readable text, while the remaining parts are likely unreadable without MIME-aware tools. Send mail to mime@docserver.cac.washington.edu for more info. ---1463810815-1223308169-936489982=:15281 Content-Type: TEXT/PLAIN; CHARSET=US-ASCII Content-ID: <Pine.LNX.4.10.9909050208003.15329@prof.fr.nessus.org> Hello, ProFTPd, a FTP

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ________________________________________________________________________ Linux-Mandrake Security Update Advisory ________________________________________________________________________ Package name: inn Date: July 22nd, 2000 Advisory ID: MDKSA-2000:023 Affected versions: 6.0, 6.1, 7.0, 7.1

Hi Are there any known security holes or necessary precautions in using port forwarding with ipportfw? I'm planning on forwarding ports from an outer firewall/router (connected to the Internet) to a host in the DMZ, then on from the DMZ host to the inner firewall, and finally from the inner firewall to some host on the inside. Thanks, Jens jph@strengur.is From mail@mail.redhat.com Wed

Hi, well, swift response! Qualcomm has a patched qpopper (2.5) Greetings, Jan-Philip Velders <jpv@jvelders.tn.tudelft.nl> ---------- Forwarded message ---------- Date: Mon, 29 Jun 1998 21:43:18 -0700 From: Praveen Yaramada <pyaramad@QUALCOMM.COM> To: BUGTRAQ@NETSPACE.ORG Subject: Patched Qpopper2.5 release Notification. Hello Folks, As you are already aware that qpopper

Hi, When php3 module is compiled in apache, files in any directory will be interpreted by the parser and executed. This is a security breach. There is a way to correct this? Any comments? Thanks, lacj --- <levy@null.net> Levy Carneiro Jr. Linux & Network Admin From mail@mail.redhat.com Sat May 8 02:32:02 1999 Received: (qmail 28372 invoked from network); 8 May 1999 07:05:57

Ran into a weird problem, and this seemed a good forum to toss it out into -- if I've gaffed, please let me know. Just upgraded my RH5.0 box to RH5.2. Went well, worked nearly seamlessly. When running 5.0, though, I'd installed the opie-fied ftpd that comes with the most recent opie package (ftp://ftp.inner.net/pub/opie/opie-2.32.tar.gz) and had it work without a hitch. I'd also

below. Dan ___________________________________________________________________________ Dan Yocum | Phone: (630) 840-8525 Linux/Unix System Administrator | Fax: (630) 840-6345 Computing Division OSS/FSS | email: yocum@fnal.gov .~. L Fermi National Accelerator Lab | WWW: www-oss.fnal.gov/~yocum/ /V\ I P.O. Box 500 |

---------- Forwarded message ---------- Date: Tue, 30 Nov 1999 12:14:09 -0800 (PST) From: David Cantrell <david@slackware.com> To: slackware-security@slackware.com Subject: Security Patches for Slackware 7.0 Available There are several security updates available for Slackware 7.0. We will always post bug fixes and security fixes to the /patches subdirectory on the ftp site:

This may be, or may not be a security issue, however, since alot of people still use tripwire-1.2 or lesser versions(this is what shipped with R.H. Linux 5.2 at least), they might be interested in following detail: Chuck Campbell (campbell@neosoft.com) pointed me out that tripwire dies with coredump on R.H. linux, if it hits a filename containing 128-255 characters. Playing a bit with debugger I

Hi, There have been a bunch of useful submissions for the compare /contrast thread. To reduce the load on your mailbox, they are gathered here in one go... Roger. Date: Wed, 28 Oct 1998 15:11:37 +0000 From: "David L. Sifry" <dsifry@linuxcare.com> To: "Matthew S. Crocker" <matthew@crocker.com> CC: Rob Bringman <rob@trion.com>,

Well, last night, my box was hit again.. same symptoms: All attempts to connect remotely receive a connection, but a login prompt never comes up. When I went to the console and turned on the monitor, I had the login prompt, but written on to the screen was the message IPMASQ: Reverse ICMP: Checksum error from xxx.xxx.xxx.xxx So, on this occasion, I thought I would post a summary of the

I'm trying to get nessus setup for doing some internal security checking. I installed the ports for nessus and nessus-plugins, and everything worked as expected. I then registered for the full feed of plugins, which got me up to over 10,000 plugins. I restarted nessus, and it didn't work at all. I am running without X11, so I'm doing batch runs. I already have nmap installed, so I

Three quick notes-- 1) Umask defaults to 000 when running an xterm or gnome-terminal on redhat 6.0, unless you run a login shell. This is a Bad Thing. 2) The binary package for the inews-2.2.1-1 update released 9/1/99 isn''t on the redhat updates site; inn and inn-devel are insufficient. I had to compile the SRPM. 3) Nothing. There is no third note.

-----BEGIN PGP SIGNED MESSAGE----- ______________________________________________________________________________ SuSE Security Announcement Package: mirror-2.8.f4 Date: Fri Oct 01 22:21:15 MEST 1999 Affected: all Linux distributions using mirror <= 2.8.f4 _____________________________________________________________________________ A

--------------------------------------------------------------------- Red Hat, Inc. Security Advisory Synopsis: Zope update Advisory ID: RHSA-2000:052-04 Issue date: 2000-08-11 Updated on: 2000-08-18 Product: Red Hat Powertools Keywords: Zope Cross references: N/A

Hi, I''ve been thinking about group membership and the corresponding (weak) restrictions to system resources. Consider the following: % cat > gsh.c main() { system("/bin/sh"); } % cc -o gsh gsh.c % id uid=100(joe) gid=500(users) groups=14(floppy),15(sound) % chgrp sound gsh % chmod g+s gsh % mail abuser Subject: You owe me $5...

Automatic renewal The Ubuntu package for certbot comes pre-configured with systemd timer that will automatically renew existing certificates. What it does not handle however is reloading postfix/dovecot so that they will begin using the new certificates. For that, we need to implement a hook. Certbot has both pre and post hooks that you can use to execute a script prior to and after the renewal

Woops... this didn't show up here but it did on BugTraq. Questions answered! -- Chuck Mead, CTO, MoonGroup Consulting, Inc. <http://moongroup.com> Mail problems? Send "s-u-b-s-c-r-i-b-e mailhelp" (no quotes and no hyphens) in the body of a message to mailhelp-request@moongroup.com. Public key available at: wwwkeys.us.pgp.net ----------

Oops. Missed one line in the last patch.... Roger. -- ** R.E.Wolff@BitWizard.nl ** http://www.BitWizard.nl/ ** +31-15-2600998 ** *-- BitWizard writes Linux device drivers for any device you may have! --* * The Worlds Ecosystem is a stable system. Stable systems may experience * * excursions from the stable situation. We are currently in such an * * excursion: The stable situation does

----- Forwarded message from [Harald Kie_ling] ----- [Charset iso-8859-1 unsupported, filtering to ASCII...] Scanner for mail There are two possible mechanisms to protect email-users over a mail server from a virus : _ Hook into mail server and scanning the email Nearly 90% gave me the advise to take AMAVIS and scan the mail with some scanner. _ Hook into the smpt-protocol like a fire-wall Two