similar to: who (fwd)

Hi, I''m running into something weird here. I''m using RH5.1 with tcp_wrappers 7.6. The syntax for hosts.allow and hosts.deny is: <service list> : <access list> [ : <shell_command> ] Everything works when I _don''t_ use the shell_command. I used the _exact_ line as in the man-pages utilising "safe_finger" (comes with tcp_wrappers), tcpdchk

Hi, the following pieces of mail came by on BugTraq. It appears that Apache (1.2.5 and 1.2.6 tested, 1.3 is vulnerable according to Ben Laurie [Apache member]) doesn''t handle the case, when there are a lot (say 10000) of "User-Agent:"-headers. (other headers could also work!). An exploit with source-code was posted on BugTraq. excerpts from the mail by

Hi Are there any known security holes or necessary precautions in using port forwarding with ipportfw? I'm planning on forwarding ports from an outer firewall/router (connected to the Internet) to a host in the DMZ, then on from the DMZ host to the inner firewall, and finally from the inner firewall to some host on the inside. Thanks, Jens jph@strengur.is From mail@mail.redhat.com Wed

Hi everyone, not exactly security, but might give the wrong impression about the state of your security... Greetings, Jan-Philip Velders <jpv@jvelders.tn.tudelft.nl> -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- | Nederlandse Linux GebruikersGroep : http://www.nllgg.nl | -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- _---------- Forwarded message ----------

On Fri, 26 Mar 1999, Thomas Biege wrote: > Date: Fri, 26 Mar 1999 09:34:10 +0100 (MET) > From: Thomas Biege <thomas@suse.de> > To: Jan-Philip Velders <jpv@jvelders.tn.tudelft.nl> > Cc: linux-security@redhat.com > Subject: Re: [Security - intern] [linux-security] *ALERT*: ADM Worm. Worm for Linux x86 found in wild. > The worm just exploits old security holes, so

Hi all, perhaps this is something of interest to all of us RedHat users ? Later Crispin added: | In response to many comments pointing out a glaring omission (grovel | grovel) the SOURCE CODE for StackGuard is now on line, both as a complete | tar ball and as a source patch to gcc 2.7.2.3, available here: | | http://www.cse.ogi.edu/DISC/projects/immunix/StackGuard/compiler.html Greetings,

I would be surprised if someone hasn''t encountered this already, but I haven''t found any discussion of the nature of this problem. I run RehHat 5.0. If a user makes a mistake in the login process such as the following: login: mistake password: xxx Login incorrect! login: username password xxxx bash$ a ps will show, among other things, 2333 /bin/login --mistake. Since

Hi, some more info on the previous admw0rm alert. Fwd'd from BugTraq Greetings, Jan-Philip Velders ---------- Forwarded message ---------- Date: Fri, 26 Mar 1999 21:17:40 +0100 From: Mixter <mixter@HOME.POPMAIL.COM> To: BUGTRAQ@NETSPACE.ORG Subject: Re: ADM Worm. Worm for Linux x86 found in wild. The "ADM w0rm" is public and can be found at:

-=> To moderator: I don't know whether it's wise to release the FTP-location I would recommend everyone to just look over their daemons, and run something like nessus against theirselves... Greetings, Jan-Philip Velders ---------- Forwarded message ---------- Date: Thu, 25 Mar 1999 16:26:59 -0700 From: "Ben Cantrick (Macky Stingray)" <mackys@MACKY.RONIN.NET> To:

Hi, well, swift response! Qualcomm has a patched qpopper (2.5) Greetings, Jan-Philip Velders <jpv@jvelders.tn.tudelft.nl> ---------- Forwarded message ---------- Date: Mon, 29 Jun 1998 21:43:18 -0700 From: Praveen Yaramada <pyaramad@QUALCOMM.COM> To: BUGTRAQ@NETSPACE.ORG Subject: Patched Qpopper2.5 release Notification. Hello Folks, As you are already aware that qpopper

i want to count the number of paragraphs in my message of an article , but it gives the wrong number example of paragraph : <p><div class=''paragraaf''><p><h4>Dick Advocaat verdient veel geld bij Zuid-Korea</h4><div class=''bericht''>De Zuid-Koreaanse voetbalbond legt de Nederlandse bondscoach Dick Avocaat rijkelijk in de

Hai Mourik Jan, ? This is the script we use, this is the work my collega. ( see the developed by, thats his company?) This is a "as is"? share, so read the code, we added as much as possible info in there. ? Few extra pointers, - speed up the script by useing ramdisk, make sure your ramdisk has the space for the bigest pdf you want to create. ??? we did limit the max size in the

You probably know this already, but the following notice appeared to bugtraq. As a side note the protocol on bugtraq seems to be designed to make a fix available before the announcement by providing one yourself or giving the maintainer a week's advance warning (M$ gets a lot longer warning and *still* fails to fix the bugs before bugtraq knows). Having said that M$ insists on allowing me

---------- Forwarded message ---------- Received: from brimstone.netspace.org (brimstone.netspace.org [128.148.157.143]) by blues.jpj.net (backatcha) with ESMTP id CAA13949; Fri, 14 Nov 1997 02:08:13 -0500 (EST) Received: from unknown@netspace.org (port 25452 [128.148.157.6]) by brimstone.netspace.org with ESMTP id <818-20257>; Fri, 14 Nov 1997 01:41:22 -0500 Received: from NETSPACE.ORG by

This is yet-another reason to _partition_ your disks. Of course hard links do not work accross filesystems. Even thought it is a pain in the neck to do when installing your operating system, think about separating critical system files from non-critical and non-system files from system files. I would say that the following layout is a good place to start: / /usr (nosuid,nodev,ro) /usr/local

Hi, This is FYI. Lets not start discussion on a topic of "my fingerd is better than yours". Alex ------- Forwarded Message Return-Path: owner-bugtraq@NETSPACE.ORG Message-ID: <199705240145.WAA11413@morcego.linkway.com.br> Date: Fri, 23 May 1997 22:45:04 -0300 Reply-To: Rodrigo Barbosa <rodrigob@MORCEGO.LINKWAY.COM.BR> Sender: Bugtraq List <BUGTRAQ@NETSPACE.ORG>

And, here''s a fix. -----Original Message----- From: David Zhao <dzhao@LURK.KELLOGG.NWU.EDU> To: BUGTRAQ@NETSPACE.ORG <BUGTRAQ@NETSPACE.ORG> Date: Sunday, May 17, 1998 3:00 PM Subject: simple kde exploit fix >in kdebase/kscreensaver/kscreensave.cpp: > >change: >line 18: strcpy( buffer, getenv("HOME") ); > to >

------- start of forwarded message (RFC 934 encapsulation) ------- From: kevingeo@CRUZIO.COM Sender: Bugtraq List <BUGTRAQ@NETSPACE.ORG> To: BUGTRAQ@NETSPACE.ORG Subject: Quake 2 Linux 3.13 (and lower) allow users to read arbitrary files Date: Wed, 25 Feb 1998 05:49:58 -0500 Reply-To: kevingeo@CRUZIO.COM Vulnerable: Everyone who followed the installation instructions and made Quake2

------- start of forwarded message (RFC 934 encapsulation) ------- From: Joe Zbiciak <im14u2c@cegt201.bradley.edu> Approved: alex@bach.cis.temple.edu Sender: Bugtraq List <BUGTRAQ@netspace.org> To: Multiple recipients of list BUGTRAQ <BUGTRAQ@netspace.org> Subject: Buffer overflow in Linux''s login program Date: Sun, 22 Dec 1996 09:27:24 -0600 Reply-To: Joe Zbiciak

------- =_aaaaaaaaaa0 Content-Type: text/plain; charset="us-ascii" Content-ID: <14008.870179829.1@erehwon.bmc.com> See attached. Red Hat Linux package mh-6.8.3-13.i386.rpm installs the inc and msgchk programs as follows: -rwsr-sr-x- root mail 72628 Oct 17 16:57 /usr/bin/mh/inc -rwsr-xr-x- root root 52536 Oct 17 16:57 /usr/bin/mh/msgchk Hal -------