similar to: signing syslog files with PGP

Hm, look what I got hold of today.. Works if sendmail is mode 4111 or similar: #! /bin/sh # # # Hi ! # This is exploit for sendmail smtpd bug # (ver. 8.7-8.8.2 for FreeBSD, Linux and may be other platforms). # This shell script does a root shell in /tmp directory. # If you have any problems with it, drop me a letter. #

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= CERT(sm) Advisory CA-96.20 Original issue date: September 18, 1996 Last revised: -- Topic: Sendmail Vulnerabilities - ----------------------------------------------------------------------------- *** This advisory supersedes CA-95:05 *** The CERT Coordination Center

> > systems which no longer seem to have this. This file contained an archive of > > the trojan''s that were inserted into the compromised system - does anybody know > > what is in these trojans? > > Check the Linux RootKit ... (LRK).. > > Typically LRK to use config-files.. (and typically LRK-users to place > files in /dev.. find /dev -type f | grep -v

Hi, On Mi, 2015-01-28 at 18:00 +0200, Michael S. Tsirkin wrote: > On Wed, Jan 28, 2015 at 11:34:02AM +0100, Hannes Frederic Sowa wrote: > > Hi, > > > > On Mi, 2015-01-28 at 11:46 +0200, Michael S. Tsirkin wrote: > > > On Wed, Jan 28, 2015 at 09:25:08AM +0100, Hannes Frederic Sowa wrote: > > > > Hello, > > > > > > > > On Di,

Hi, On Mi, 2015-01-28 at 18:00 +0200, Michael S. Tsirkin wrote: > On Wed, Jan 28, 2015 at 11:34:02AM +0100, Hannes Frederic Sowa wrote: > > Hi, > > > > On Mi, 2015-01-28 at 11:46 +0200, Michael S. Tsirkin wrote: > > > On Wed, Jan 28, 2015 at 09:25:08AM +0100, Hannes Frederic Sowa wrote: > > > > Hello, > > > > > > > > On Di,

Hi, On Mi, 2015-01-28 at 09:16 -0500, Vlad Yasevich wrote: > On 01/28/2015 05:34 AM, Hannes Frederic Sowa wrote: > > Hi, > > > > On Mi, 2015-01-28 at 11:46 +0200, Michael S. Tsirkin wrote: > >> On Wed, Jan 28, 2015 at 09:25:08AM +0100, Hannes Frederic Sowa wrote: > >>> Hello, > >>> > >>> On Di, 2015-01-27 at 18:08 +0200, Michael

Hi, On Mi, 2015-01-28 at 09:16 -0500, Vlad Yasevich wrote: > On 01/28/2015 05:34 AM, Hannes Frederic Sowa wrote: > > Hi, > > > > On Mi, 2015-01-28 at 11:46 +0200, Michael S. Tsirkin wrote: > >> On Wed, Jan 28, 2015 at 09:25:08AM +0100, Hannes Frederic Sowa wrote: > >>> Hello, > >>> > >>> On Di, 2015-01-27 at 18:08 +0200, Michael

There are several ways that VMs can take advantage of UFO and get the host to do fragmentation for them: drivers/net/macvtap.c: gso_type = SKB_GSO_UDP; drivers/net/tun.c: skb_shinfo(skb)->gso_type = SKB_GSO_UDP; drivers/net/virtio_net.c: skb_shinfo(skb)->gso_type = SKB_GSO_UDP; Our implementation of UFO for IPv6 does: fptr =

There are several ways that VMs can take advantage of UFO and get the host to do fragmentation for them: drivers/net/macvtap.c: gso_type = SKB_GSO_UDP; drivers/net/tun.c: skb_shinfo(skb)->gso_type = SKB_GSO_UDP; drivers/net/virtio_net.c: skb_shinfo(skb)->gso_type = SKB_GSO_UDP; Our implementation of UFO for IPv6 does: fptr =

On Wed, Mar 11, 2020 at 12:25:27AM +0800, John Garry wrote: > From: Hannes Reinecke <hare at suse.com> > > Add a new field 'nr_reserved_cmds' to the SCSI host template to > instruct the block layer to set aside a tag space for reserved > commands. > > Signed-off-by: Hannes Reinecke <hare at suse.com> > --- > drivers/scsi/scsi_lib.c | 1 + >

On Wed, Mar 11, 2020 at 12:25:27AM +0800, John Garry wrote: > From: Hannes Reinecke <hare at suse.com> > > Add a new field 'nr_reserved_cmds' to the SCSI host template to > instruct the block layer to set aside a tag space for reserved > commands. > > Signed-off-by: Hannes Reinecke <hare at suse.com> > --- > drivers/scsi/scsi_lib.c | 1 + >

has anyone played with the securelevel variable in the kernel and the immutable flags in the ext2 file system? The only way I have found to change the flag is by patching sched.c from int securelevel=0 to int securelevel=1 The sysctrl code seems to allow the setting of the flag only by init (PID=1) and only upwards (0->1, etc). The problem is that I haven''t found a way to get init

Hi all, this patch updates the ash-port of klibc to that one found in NetBSD-1.6.1 instead of the horribly old one currently used. It's a bit longish (appearently there has been some work done between 1993 and today), but now it's even useable on 64-bit systems :-). Plus I've added some nice-to-have builtins, e.g. printf. Cheers, Hannes -- Dr. Hannes Reinecke hare@suse.de SuSE

I've read about securelevel in the mailing list archive, and found some pitfalls (and seems to me to be discarded soon). But According to me, the following configuration should offer a good security: - mount root fs read only at boot; - set securelevel to 3; - do not permit to unmount/remount roots fs read-write (now it is possible by means of "mount -uw /"); - the only way to make

Hi all, the implementation of getpagesize() is broken in klibc. klibc uses sysinfo.mem_unit, which linux interpretes as the memory unit all other memory values returned are to be multiplied with. So it's perfectly ok for the linux sysinfo() to return a mem_unit of '1', which is does if the memory available for this machine fits into the counter. For the unbelievers, have a look in

Hello, On Di, 2015-01-27 at 18:08 +0200, Michael S. Tsirkin wrote: > On Tue, Jan 27, 2015 at 05:02:31PM +0100, Hannes Frederic Sowa wrote: > > On Di, 2015-01-27 at 09:26 -0500, Vlad Yasevich wrote: > > > On 01/27/2015 08:47 AM, Hannes Frederic Sowa wrote: > > > > On Di, 2015-01-27 at 10:42 +0200, Michael S. Tsirkin wrote: > > > >> On Tue, Jan 27, 2015

Hello, On Di, 2015-01-27 at 18:08 +0200, Michael S. Tsirkin wrote: > On Tue, Jan 27, 2015 at 05:02:31PM +0100, Hannes Frederic Sowa wrote: > > On Di, 2015-01-27 at 09:26 -0500, Vlad Yasevich wrote: > > > On 01/27/2015 08:47 AM, Hannes Frederic Sowa wrote: > > > > On Di, 2015-01-27 at 10:42 +0200, Michael S. Tsirkin wrote: > > > >> On Tue, Jan 27, 2015

running (4-Stable) Hi, short form question: how does one run XDM under securelevel>0 ? long version: i've searched for an answer on how to run Xfree/Xorg at a securelevel the X server likes access to /dev/io and some other resources but is not granted access after security is switched on. one way of doing it seems to be to start it before setting the securelevel, but then is doesnt

Hi, On Mi, 2015-01-28 at 11:46 +0200, Michael S. Tsirkin wrote: > On Wed, Jan 28, 2015 at 09:25:08AM +0100, Hannes Frederic Sowa wrote: > > Hello, > > > > On Di, 2015-01-27 at 18:08 +0200, Michael S. Tsirkin wrote: > > > On Tue, Jan 27, 2015 at 05:02:31PM +0100, Hannes Frederic Sowa wrote: > > > > On Di, 2015-01-27 at 09:26 -0500, Vlad Yasevich wrote:

Hi, On Mi, 2015-01-28 at 11:46 +0200, Michael S. Tsirkin wrote: > On Wed, Jan 28, 2015 at 09:25:08AM +0100, Hannes Frederic Sowa wrote: > > Hello, > > > > On Di, 2015-01-27 at 18:08 +0200, Michael S. Tsirkin wrote: > > > On Tue, Jan 27, 2015 at 05:02:31PM +0100, Hannes Frederic Sowa wrote: > > > > On Di, 2015-01-27 at 09:26 -0500, Vlad Yasevich wrote: