Displaying 20 results from an estimated 2000 matches similar to: "ipportfw - security"
1998 Jun 30
1
Patched Qpopper2.5 release Notification. (fwd)
Hi,
well, swift response!
Qualcomm has a patched qpopper (2.5)
Greetings,
Jan-Philip Velders
<jpv@jvelders.tn.tudelft.nl>
---------- Forwarded message ----------
Date: Mon, 29 Jun 1998 21:43:18 -0700
From: Praveen Yaramada <pyaramad@QUALCOMM.COM>
To: BUGTRAQ@NETSPACE.ORG
Subject: Patched Qpopper2.5 release Notification.
Hello Folks,
As you are already aware that qpopper
1996 Nov 14
0
setgid binaries
Hi,
I''ve been thinking about group membership and the corresponding (weak)
restrictions to system resources. Consider the following:
% cat > gsh.c
main()
{
system("/bin/sh");
}
% cc -o gsh gsh.c
% id
uid=100(joe) gid=500(users) groups=14(floppy),15(sound)
% chgrp sound gsh
% chmod g+s gsh
% mail abuser
Subject: You owe me $5...
1996 Nov 14
1
Security hole in Debian 1.1 dosemu package
In Debian 1.1, the optional DOSEMU package installs /usr/sbin/dos
setuid root. This is a serious security hole which can be exploited
to gain access to any file on the system.
Package: dosemu
Version: 0.64.0.2-9
------- start of cut text --------------
$ cat /etc/debian_version
1.1
$ id
uid=xxxx(quinlan) gid=xxxx(quinlan) groups=xxxx(quinlan),20(dialout),24(cdrom)
[quinlan:~]$ ls -al
1998 Aug 25
1
Named Overflow Concern - SUMMARY (fwd)
George Brown sent this to my private Email address instead of to the
list. Because I forwarded it, my addres is in the header.
Roger.
----- Forwarded message from root -----
>From root@bull.bullnet.co.uk Mon Aug 24 16:20:29 1998
Received: from dutepp0.et.tudelft.nl
by rosie.BitWizard.nl (fetchmail-4.2.9 POP3 run by wolff)
for <wolff@localhost> (single-drop); Mon Aug 24
1998 Dec 03
2
interactions between OPIE-ftpd and RH5.2
Ran into a weird problem, and this seemed a good forum to toss it out into
-- if I've gaffed, please let me know.
Just upgraded my RH5.0 box to RH5.2. Went well, worked nearly seamlessly.
When running 5.0, though, I'd installed the opie-fied ftpd that comes with
the most recent opie package (ftp://ftp.inner.net/pub/opie/opie-2.32.tar.gz)
and had it work without a hitch. I'd also
1997 Jan 16
0
/bin/login
>Their is a buffer overrun in /bin/login which has the potential to
>allow any user of your system to gain root access. util-linux-2.5-29
>contains a fix for this and is available for Red Hat Linux 4.0 on
>all four platforms. We strongly recommend that all of Red Hat 4.0
>usres apply this fix.
Does this bug affect the ''login'' that is distributed
with shadow
1998 Oct 29
0
Digest.
Hi,
There have been a bunch of useful submissions for the compare /contrast
thread.
To reduce the load on your mailbox, they are gathered here in one go...
Roger.
Date: Wed, 28 Oct 1998 15:11:37 +0000
From: "David L. Sifry" <dsifry@linuxcare.com>
To: "Matthew S. Crocker" <matthew@crocker.com>
CC: Rob Bringman <rob@trion.com>,
1996 Nov 21
2
Re: BOUNCE: Re: Chattr +i and securelevel
Alexander O. Yuriev wrote:
>
> Your message dated: Wed, 20 Nov 1996 18:04:39 EST
> > >has anyone played with the securelevel variable in the kernel and the
> > >immutable flags in the ext2 file system?
> >
> > Yes, and its actualy quite nice.
> >
> > >The sysctrl code seems to allow the setting of the flag
> > >only by init (PID=1)
1999 Jan 04
0
Tripwire mess..
This may be, or may not be a security issue, however, since alot of people
still use tripwire-1.2 or lesser versions(this is what shipped with R.H.
Linux 5.2 at least), they might be interested in following detail:
Chuck Campbell (campbell@neosoft.com) pointed me out that tripwire dies with
coredump on R.H. linux, if it hits a filename containing 128-255 characters.
Playing a bit with debugger I
1999 May 07
3
php3 module and security
Hi,
When php3 module is compiled in apache, files in any directory will
be interpreted by the parser and executed. This is a security breach.
There is a way to correct this? Any comments?
Thanks,
lacj
---
<levy@null.net>
Levy Carneiro Jr.
Linux & Network Admin
From mail@mail.redhat.com Sat May 8 02:32:02 1999
Received: (qmail 28372 invoked from network); 8 May 1999 07:05:57
1999 Dec 01
0
Security Patches for Slackware 7.0 Available (fwd)
---------- Forwarded message ----------
Date: Tue, 30 Nov 1999 12:14:09 -0800 (PST)
From: David Cantrell <david@slackware.com>
To: slackware-security@slackware.com
Subject: Security Patches for Slackware 7.0 Available
There are several security updates available for Slackware 7.0. We will
always post bug fixes and security fixes to the /patches subdirectory on
the ftp site:
1999 Jun 04
0
Forw: 2.2.x kernel vulnerability
below.
Dan
___________________________________________________________________________
Dan Yocum | Phone: (630) 840-8525
Linux/Unix System Administrator | Fax: (630) 840-6345
Computing Division OSS/FSS | email: yocum@fnal.gov .~. L
Fermi National Accelerator Lab | WWW: www-oss.fnal.gov/~yocum/ /V\ I
P.O. Box 500 |
1999 Sep 02
0
SECURITY: RHSA-1999:033 Buffer overflow problem in the inews program
-----BEGIN PGP SIGNED MESSAGE-----
- ---------------------------------------------------------------------
Red Hat, Inc. Security Advisory
Synopsis: Buffer overflow problem in the inews program
Advisory ID: RHSA-1999:033-01
Issue date: 1999-09-01
Keywords: inn inews buffer overflow
- ---------------------------------------------------------------------
1. Topic:
New packages for INN
1998 Sep 01
5
/bin/login problem
I would be surprised if someone hasn''t encountered this already, but I
haven''t found any discussion of the nature of this problem. I run RehHat
5.0. If a user makes a mistake in the login process such as the
following:
login: mistake
password: xxx
Login incorrect!
login: username
password xxxx
bash$
a ps will show, among other things,
2333 /bin/login --mistake.
Since
1999 Oct 04
0
SuSE Security Announcement - mirror
-----BEGIN PGP SIGNED MESSAGE-----
______________________________________________________________________________
SuSE Security Announcement
Package: mirror-2.8.f4
Date: Fri Oct 01 22:21:15 MEST 1999
Affected: all Linux distributions using mirror <= 2.8.f4
_____________________________________________________________________________
A
1998 Jun 29
2
Re: A switch? A router? What am I looking for??
At 01:59 PM 6/29/98 +0000, Kokoro Security Administrator wrote:
>Hello everyone -
>
>I am looking for the name of a piece of hardware, and don''t know what it
>is called. I am told that there exists such a thing (a switch? a router?
>a special hub?) that will only send me traffic that is destined for me.
simple definitions:
--router: looks at a layer 3 address (such as
2000 Mar 15
0
Re: IPMASQ and lock-up of all terminals ---- Sum mary and update
Well, last night, my box was hit again.. same symptoms:
All attempts to connect remotely receive a connection, but a login prompt
never comes up.
When I went to the console and turned on the monitor, I had the login
prompt, but written on to the screen was the message
IPMASQ: Reverse ICMP: Checksum error from xxx.xxx.xxx.xxx
So, on this occasion, I thought I would post a summary of the
2000 Aug 18
0
[RHSA-2000:052-04] Zope update
---------------------------------------------------------------------
Red Hat, Inc. Security Advisory
Synopsis: Zope update
Advisory ID: RHSA-2000:052-04
Issue date: 2000-08-11
Updated on: 2000-08-18
Product: Red Hat Powertools
Keywords: Zope
Cross references: N/A
1998 Oct 13
5
compare / contrast of linux fw and others
Hi,
I was wondering how a linux box configured as a firewall stacked up
against some of the commercial products like checkpoint-1 and gauntlet.
Can someone direct me to a good book or online doc that compares linux
to some other firewall methods?
Mind you, I''m not talking about a firewall in the classical sense, ie
ip forwarding turned off and used as a proxy, but the typical Linux box
2020 Oct 09
0
Feature request.
Automatic renewal
The Ubuntu package for certbot comes pre-configured with systemd timer that will automatically renew existing certificates. What it does not handle however is reloading postfix/dovecot so that they will begin using the new certificates. For that, we need to implement a hook.
Certbot has both pre and post hooks that you can use to execute a script prior to and after the renewal