similar to: cxterm buffer overrun

I was surprised to see that this hadn't made it to the samba list yet. Note I have not spent any time trying to confirm validity. ---------- Forwarded message ---------- Date: Fri, 26 Sep 1997 00:21:55 +0200 From: root <root@ADM.KIX-AZZ.ORG> To: BUGTRAQ@NETSPACE.ORG /* ___ ______ _ _ / \ | _ \ | \ / |

[Mod: Forwarded from bugtraq -- alex] Hi! I''m sorry if the information I''m going to tell about was already known, but I hope it wasn''t... I just occasionally found a vulnerability in Linux libc (actually, some of the versions seem not to be vulnerable; my Slackware 3.1 box was though). Unfortunately, I have no time for a real investigation right now, but

/* vixie crontab buffer overflow for RedHat Linux * * I dont think too many people know that redhat uses vixie crontab. * I didn''t find this, just exploited it. * * * Dave G. * <daveg@escape.com> * http://www.escape.com/~daveg * * */ #include <stdio.h> #include <sys/types.h> #include <stdlib.h> #include <fcntl.h> #include <unistd.h> #define

-| == Marcin Bohosiewicz marcus@venus.wis.pk.edu.pl == |- -| == tel. +048 (0-12) 37-44-99 marcus@krakow.linux.org.pl == |- -| == Strona Domowa - http://venus.wis.pk.edu.pl/marcus/ == |- ---------- Forwarded message ---------- Date: Sat, 26 Apr 1997 16:16:05 -0400 From: George Staikos <staikos@0WNED.ORG> Approved: R.E.Wolff@BitWizard.nl To: BUGTRAQ@NETSPACE.ORG Subject:

Summary: Any user can gain root privileges on a Intel Linux system with suidperl 5.003 (having the suid bit, of course) even if "SUIDBUF" and "two suidperl security patches" have been applied. Non-Intel / non-Linux platforms may be affected as well. Quick fix: chmod u-s /usr/bin/sperl5.003 (what else?) Details: There is a nasty bug in mess() (util.c): it is possible to

I just had a peek at the anaconda source for Fedora 21. Apparently you can waive the password strength tests (and the non-ASCII tests) by simply clicking "Done" twice. def _checkPasswordASCII(self, inputcheck): """Set an error message if the password contains non-ASCII characters. Like the password strength check, this check can be bypassed by

The VMI ROM detection and code patching mechanism is illustrated in setup.c. There ROM is a binary block published by the hypervisor, and and there are certainly implications of this. ROMs certainly have a history of being proprietary, very differently licensed pieces of software, and mostly under non-free licenses. Before jumping to the conclusion that this is a bad thing, let us consider more

The VMI ROM detection and code patching mechanism is illustrated in setup.c. There ROM is a binary block published by the hypervisor, and and there are certainly implications of this. ROMs certainly have a history of being proprietary, very differently licensed pieces of software, and mostly under non-free licenses. Before jumping to the conclusion that this is a bad thing, let us consider more

On 02/04/2015 04:55 PM, Warren Young wrote: > Unless you have misconfigured your system, anyone who can copy > /etc/shadow already has root privileges. They don?t need to crack your > passwords now. You?re already boned. Not exactly. There have been remotely exploitable vulnerabilities where an arbitrary file could be read (not written), but otherwise root access wasn't given

----- Forwarded message from Louis Kowolowski <louisk@bend.com> ----- Date: Thu, 28 Aug 2003 11:37:42 -0700 From: Louis Kowolowski <louisk@bend.com> To: freebsd-security@freebsd.org Subject: snort, postgres, bridge User-Agent: Mutt/1.5.4i I've been prowling through the FreeBSD and Snort list archives in search of information on setting up snort on a FreeBSD bridge(4) that logs

Section I. Overview Hello, About a half year ago there was some rumour on bugtraq concerning a buffer overflow in Linux dynamic linkers, ld.so and ld-linux.so. You can take a look at the beginning of the thread at http://www.geek-girl.com/bugtraq/1997_3/0089.html to refresh old memories; I''ll capitalize anyway. Briefly, there exists a buffer overrun in ld-linux.so versions 1.7.14,

Add a /proc node for the VMI sub-arch, which gives information on the VMI ROM detected using /proc/vmi/info and a list of kernel annotations in /proc/vmi/annotations. The timing information is VMware specific, and should probably be put into a separate /proc node (and a separate patch for our internal use). Signed-off-by: Zachary Amsden <zach@vmware.com> Index:

Add a /proc node for the VMI sub-arch, which gives information on the VMI ROM detected using /proc/vmi/info and a list of kernel annotations in /proc/vmi/annotations. The timing information is VMware specific, and should probably be put into a separate /proc node (and a separate patch for our internal use). Signed-off-by: Zachary Amsden <zach@vmware.com> Index:

The Wine development release 1.7.46 is now available. What's new in this release (see below for details): - Improvements in the BITS file transfer service. - Still more progress on DirectWrite implementation. - Support for shared user data on 64-bit. - Various C++ runtime improvements. - Some more support for the 64-bit ARM platform. - Various bug fixes. The source is available

Macros to use VMI calls from assembly and C languages are introduced. The macros are quite complex, but the end result is rather impressive. The result is that when compiling a VMI kernel, the native code is emitted inline, with no function call overhead, and some wiggle room for register allocation. The hypervisor compatibility code is emitted out of line into a separate section, and patched

Macros to use VMI calls from assembly and C languages are introduced. The macros are quite complex, but the end result is rather impressive. The result is that when compiling a VMI kernel, the native code is emitted inline, with no function call overhead, and some wiggle room for register allocation. The hypervisor compatibility code is emitted out of line into a separate section, and patched

Hola: Para el desarrollo del nuevo PluginR de Tiki (para poder ejecutar scripts de R desde Tiki: en páginas Wiki, hojas de cálculo web, etc, http://dev.tiki.org/PluginR ), por ahora estamos usando la lista de funciones que se usaban en el proyecto r-php, y que fueran heredadas por la extensión R de MediaWiki. Como r-php se hizo hace algunos años (2006), me pregunto si alguien sabe si hay

Before anything else, let me state this: Of course it''s going to be PAINFULLY slow on MRI. That''s not the point :) I thought I''d try out writing out a Ruby version of the parser for the purposes of Rubinius. For those of you who aren''t aware, Ragel supports a goto-driven FSM on Rubinius by injecting assembly directly, and Rubinus head honcho guy Evan Phoenix

Hello there, I'd like to have iso image version for ultra sparc 64bit. Recently, I downloaded centos version 4.2 beta iso image and installed on SunUltra sparc 64 bit machine. It was hang when it went to the screen " the CentOS 4.2 beta screen, <Tab>/<Alt tab> | <Space> selects | <F12> next screen ". Any idea? Please help. Thanks in advance. Amy on your

> From: Larry Vaden <vaden at texoma.net> > Date: Sun, Jan 23, 2011 at 8:03 PM > Subject: sources of bind-9.7.2-P3 rpms for Centos 4.8 and 5.5? > Our site running Centos 4.8 and 5.5 name servers was hacked with > the result that www.yahoo.com is now within our /19 and causing > some grief. Don't understand what you mean by 'within our /19'. Have your IP