similar to: IMAPD fix for RH

I think it depends on wat you are using the book for..I myself have been trying for a long time to find a document that describes basic RedHat and Linux security, what to look for, inherent dangers etc etc. So I was overjoyed when I found this book. No, I am not depending on it as a sole source of information, but the basicis that it covers simply do not get repeatadly posted to the lists you

---------- Forwarded message ---------- Received: from brimstone.netspace.org (brimstone.netspace.org [128.148.157.143]) by blues.jpj.net (backatcha) with ESMTP id CAA13949; Fri, 14 Nov 1997 02:08:13 -0500 (EST) Received: from unknown@netspace.org (port 25452 [128.148.157.6]) by brimstone.netspace.org with ESMTP id <818-20257>; Fri, 14 Nov 1997 01:41:22 -0500 Received: from NETSPACE.ORG by

This is yet-another reason to _partition_ your disks. Of course hard links do not work accross filesystems. Even thought it is a pain in the neck to do when installing your operating system, think about separating critical system files from non-critical and non-system files from system files. I would say that the following layout is a good place to start: / /usr (nosuid,nodev,ro) /usr/local

Hi, This is FYI. Lets not start discussion on a topic of "my fingerd is better than yours". Alex ------- Forwarded Message Return-Path: owner-bugtraq@NETSPACE.ORG Message-ID: <199705240145.WAA11413@morcego.linkway.com.br> Date: Fri, 23 May 1997 22:45:04 -0300 Reply-To: Rodrigo Barbosa <rodrigob@MORCEGO.LINKWAY.COM.BR> Sender: Bugtraq List <BUGTRAQ@NETSPACE.ORG>

------- start of forwarded message (RFC 934 encapsulation) ------- From: Joe Zbiciak <im14u2c@cegt201.bradley.edu> Approved: alex@bach.cis.temple.edu Sender: Bugtraq List <BUGTRAQ@netspace.org> To: Multiple recipients of list BUGTRAQ <BUGTRAQ@netspace.org> Subject: Buffer overflow in Linux''s login program Date: Sun, 22 Dec 1996 09:27:24 -0600 Reply-To: Joe Zbiciak

------- start of forwarded message (RFC 934 encapsulation) ------- From: kevingeo@CRUZIO.COM Sender: Bugtraq List <BUGTRAQ@NETSPACE.ORG> To: BUGTRAQ@NETSPACE.ORG Subject: Quake 2 Linux 3.13 (and lower) allow users to read arbitrary files Date: Wed, 25 Feb 1998 05:49:58 -0500 Reply-To: kevingeo@CRUZIO.COM Vulnerable: Everyone who followed the installation instructions and made Quake2

And, here''s a fix. -----Original Message----- From: David Zhao <dzhao@LURK.KELLOGG.NWU.EDU> To: BUGTRAQ@NETSPACE.ORG <BUGTRAQ@NETSPACE.ORG> Date: Sunday, May 17, 1998 3:00 PM Subject: simple kde exploit fix >in kdebase/kscreensaver/kscreensave.cpp: > >change: >line 18: strcpy( buffer, getenv("HOME") ); > to >

------- =_aaaaaaaaaa0 Content-Type: text/plain; charset="us-ascii" Content-ID: <14008.870179829.1@erehwon.bmc.com> See attached. Red Hat Linux package mh-6.8.3-13.i386.rpm installs the inc and msgchk programs as follows: -rwsr-sr-x- root mail 72628 Oct 17 16:57 /usr/bin/mh/inc -rwsr-xr-x- root root 52536 Oct 17 16:57 /usr/bin/mh/msgchk Hal -------

Another from Bugtraq. I've also forwarded this one on to our contact at Red Hat (Stephen Smoogen) and he tells me it's in their QA currently. Dan _______________________________________________________________________________ Dan Yocum | Phone: (630) 840-8525 Computing Division OSS/FSS | Fax: (630) 840-6345 .~. L Fermi National Accelerator

I picked up the following from Bugtraq. -----Forwarded message from David Phillips <phillips@PCISYS.NET>----- MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Message-ID: <01BC5D8D.679DD4A0@frank56.pcisys.net> Date: Sat, 10 May 1997 21:56:05 -0600 Reply-To: David Phillips <phillips@PCISYS.NET> Sender: Bugtraq List

[mod: The first message would''ve been rejected on the grounds "no security related information", but it gives ME a warm feeling too, so I''m allowing it to piggyback on the announcement of the "fix". Note that Linux-2.1.63 simply implements a fix for the problem, instead of applying this fix, upgrading to 2.1.63 might be an option for you. Linus indicated that

Hi, some more info on the previous admw0rm alert. Fwd'd from BugTraq Greetings, Jan-Philip Velders ---------- Forwarded message ---------- Date: Fri, 26 Mar 1999 21:17:40 +0100 From: Mixter <mixter@HOME.POPMAIL.COM> To: BUGTRAQ@NETSPACE.ORG Subject: Re: ADM Worm. Worm for Linux x86 found in wild. The "ADM w0rm" is public and can be found at:

Just got this on bugtraq... Balu -------- Original Message -------- Subject: SVGATextMode 1.8 /tmp race Date: Thu, 21 Oct 1999 23:01:34 +0300 From: Adrian Voinea <root@DEATH.GDS.RO> Reply-To: Adrian Voinea <root@DEATH.GDS.RO> To: BUGTRAQ@NETSPACE.ORG Hello, savetextmode, a utility that comes with SVGATextMode 1.8, saves the text mode data in /tmp, in two files with the mode 644:

Hi *, fwd from bugtraq Greetings, Jan-Philip Velders <gvelders@jvelders.tn.tudelft.nl> -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- | Nederlandse Linux GebruikersGroep : http://www.nllgg.nl | -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- ---------- Forwarded message ---------- Date: Tue, 28 Jul 1998 20:27:21 +0200 From: Paul Boehm <paul@BOEHM.ORG> To:

-=> To moderator: I don't know whether it's wise to release the FTP-location I would recommend everyone to just look over their daemons, and run something like nessus against theirselves... Greetings, Jan-Philip Velders ---------- Forwarded message ---------- Date: Thu, 25 Mar 1999 16:26:59 -0700 From: "Ben Cantrick (Macky Stingray)" <mackys@MACKY.RONIN.NET> To:

My housemate has formalized a sortof new attack against unix-style operating systems. He''s a BSD fan, so that''s where he developed the attack. He asked me to check Linux, which I did. It seems Linux is not vulnerable to it. This attack is going out to BUGTRAQ tonight. The attack isn''t too serious because it requires physical access to the console, but it

[mod: In addition to this, Jon points us to: http://www.redhat.com/corp/support/errata/rh52-errata-general.html#imap for the official fix from Red Hat. -- REW] ---------- Forwarded message ---------- From: dumped <dumped@SEKURE.ORG> Subject: ipop2d buffer overflow fix Resent-Subject: ipop2d buffer overflow fix Date: Thu, 3 Jun 1999 17:29:05 -0300 Resent-Date: Fri, 4 Jun 1999 00:52:49

>---------- Forwarded message ---------- >Date: Tue, 13 May 1997 21:18:33 +0200 >From: Wojciech Swieboda <wojtek@ajax.umcs.lublin.pl> >To: BUGTRAQ@NETSPACE.ORG > >Hello, > I''ve lately found an overflow vulnerability in Elm (Elm is setgid >mail on linux, and perhaps on some other platforms aswell). I''ve tested >this bug on versions 2.3 and

-| == Marcin Bohosiewicz marcus@venus.wis.pk.edu.pl == |- -| == tel. +048 (0-12) 37-44-99 marcus@krakow.linux.org.pl == |- -| == Strona Domowa - http://venus.wis.pk.edu.pl/marcus/ == |- ---------- Forwarded message ---------- Date: Sat, 26 Apr 1997 16:16:05 -0400 From: George Staikos <staikos@0WNED.ORG> Approved: R.E.Wolff@BitWizard.nl To: BUGTRAQ@NETSPACE.ORG Subject:

---------- Forwarded message ---------- Date: Tue, 30 Jun 1998 15:10:47 +0800 From: David Luyer <luyer@UCS.UWA.EDU.AU> To: BUGTRAQ@NETSPACE.ORG Subject: Serious Linux 2.0.34 security problem I just saw this mentioned on linux-kernel and confirmed it; #include <fcntl.h> #include <errno.h> #include <stdio.h> #include <stdlib.h> #include <unistd.h> int main(int