similar to: Beware of dangerous enviroment (Re: Overflows in minicom)

On Sat, 23 May 1998, Torkil Zachariassen wrote: > >I have browsed various versions of libc and found a handful of weak points > >where the value of an enviroment variable is trusted more than necessary. > [1] > Could you explain to programming novices on linux-security - people like > myself 8) - hwo this could affect security on a firewall (proxy and/or > IP-router,

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-00:53 Security Advisory FreeBSD, Inc. Topic: catopen() may pose security risk for third party code Category: core Module: libc Announced:

[Mod: Forwarded from bugtraq -- alex] Hi! I''m sorry if the information I''m going to tell about was already known, but I hope it wasn''t... I just occasionally found a vulnerability in Linux libc (actually, some of the versions seem not to be vulnerable; my Slackware 3.1 box was though). Unfortunately, I have no time for a real investigation right now, but

Hi, Standard approach to profiling dynamically loaded libraries with gprof doesn't seem to work with LLVM: export LD_PROFILE=Mylib.so export LD_PROFILE_OUTPUT=. make ENABLE_PROFILING=1 // compiling my project opt -load Profile/Mylib.so -options... but no Mylib.so.profile (or gmon.out) is produced. Profiling libc.so.6 usage by "ls -l", however, works fine. Could anyone explain

Hi I'm presently installing 2.2.8a on Mandrake 9.1 I'm a newbie to Linux as well as Samba, so it's been fun... When I first installed Linux I installed Samba from the discs (2.2.7a), but on reading up on the subject it became clear that I should give installing the source a go. My problem is this - I don't think I have rerouted all of the paths to usr/local/samba from what

I''m trying to install CiscoWorks 2.5 on Solaris 10 update 1, and after the install when I try to start the daemon, it errors: # /opt/CSCOpx/objects/dmgt/dmgtd.sol ERROR: open file dmgtd failedERROR >>>>>>>>>>>>> open msg catalog failed. NLSPATH incorrect or objects/share/nls/C/dmgtd.cat is missing. # echo $NLSPATH

System details: -------------- Sun Blade 1000, Solaris 8, Sun ONE Compiler Suite (rebranded Forte 7), R versions 1.6.0 and 1.6.2 - suspect others are affected, too Problem description: ------------------- Using the recommended env var setting from p.15 of the Admin Guide, the configure script fails the sgemm sunperf test, even though the sunperf libraries are available Not linking with

On Wed, Jul 17, 2019 at 06:49:39PM +0900, Hiroyuki Katsura wrote: >From: Hiroyuki_Katsura <hiroyuki.katsura.0513@gmail.com> > >Rust bindings: Add create / close functions > >Rust bindings: Add 4 bindings tests > >Rust bindings: Add generator of structs > >Rust bindings: Add generator of structs for optional arguments > >Rust bindings: Add generator of

I need a terminal program, such as minicom, which I see is not part of my Strongbolt install of CentOS+BQ loaded on a RaQ 4 system. Does anyone know if a standard rpm for minicom should work or where to get a package that will provide minicom or other terminal program? Or, perhaps there is another terminal program installed in my system that I can look for? -- Robert

I'm trying to capture text data coming in on serial port to put into a plot on a web page. Running minicom 2.3 on a Fedora 9 box the capture file is updated immediately. Running minicom 2.1, stock on a Centos 5.x box the capture file doesn't update until you exit capture mode. Is there any way to have it update immediately or is there an alternative application to write incoming data to a

Nicolas Kovacs writes: > Hi, > > I have to do some maintenance on a CentOS 7 proxy installed on a routerboard > without a video card. The only way to access this machine directly is via > Minicom and serial port. > > I'm using NetworkManager TUI (nmtui) to configure network interfaces, but > Ncurses rendering in Minicom works in the sense that chickens fly and horses

Hi all I am a newcomer of this ML. And I installed CentOS a couple of hours ago on my i386 box because it is said that CentOS is a community based binary distro of RHEL. Before that I used to use RH9(it is quite out of date for my newly upgraded PC) as my host environment to work on embedded systems. The installation procedure went smoothly and after that everything looked functional, however, I

hi ppl, well, here is another standard buffer overrun vulnerability, which may sometimes lead to root compromise (not always. not in new distributions, fortunately). Current Slackware and current RedHat don''t install minicom suid root, only sgid/uucp, which is not *that* dangerous. But when you build minicom from source, it asks you to do "chmod +s" on it. Summary:

Hi, I have to do some maintenance on a CentOS 7 proxy installed on a routerboard without a video card. The only way to access this machine directly is via Minicom and serial port. I'm using NetworkManager TUI (nmtui) to configure network interfaces, but Ncurses rendering in Minicom works in the sense that chickens fly and horses swim. What you get is a forest of question marks with a few

Here are my preliminary tests: 5.2.18 is vulnerable (stock Redhat 3.0.3) 5.3.12 does not appear vulnerable (stock Redhat 4.0, I think) Dave G. <daveg@escape.com> http://www.escape.com/~daveg

The system I am using is a clean install of Mandrake 8.0 which has the gcc version 2.96 installed. I downloaded the wine-20010510 snapshot and successfully ran the ./tools/wininstall. The build seems to have run without problems and if I type: wine --version the correct release number is displayed indicating the install was also succesful. As per the FAQ I also did the following:

Hi all, I''m not sure that here is the right place to post(so sorry if it is not), but it seems that WEBrick is not being maintained any more. I found that WEBricks freezes with 100% of CPU usage whenever it takes a POST message of invalid format(multipart/form-data with invalid boundary). Then the server is able to process any other requests no longer. Be careful if you''re

Hi, I just posted a patch tot he rails trac for a bug we found where running symbolize_keys! on a HashWithIndifferentAccess will delete all items from the hash. Please make sure you either never call symbolize_keys! (or to_options! which just alias it) on a HashWithIndifferentAccess, or apply the path attached from the ticket at: http://dev.rubyonrails.org/ticket/5076 I also posted a much longer

Unpatched 2.6.10 kernels are apparently broken WRT TCP connection tracking. Established connections that are ended with an RST are not removed from the conntrack table. See: http://lists.netfilter.org/pipermail/netfilter-devel/2005-January/017956.html -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \

Just a note to pass on in case anyone runs into the same situation. I have a DELL R510 that is running just fine, up until the day that I needed to import a pool from a USB hard drive. I plug in the disk, check it with rmformat and try to import the zpool. And it sits there for practically forever, not responding. The machine still responds to network connections etc., it''s just the