similar to: SECURITY: passwd problem (second edition)

After installing redhat4.1 I found that a few serious bug fixes announced in Jan 97 was not included in the distribution. First of them -- a SERIOUS SECURITY BUG in wu-ftpd allowing any user gain a root acces to files. Patch was posted in redhat-announce list and included in wu-ftpd-2.4.2b11-9. Second: a bug in wu-ftpd -- ftpd doesn''t perform any log for real user and ignores

Dear list! I have problem with buffer size (width) in package rgeos. I would like to expand given geometry (points) to specified width based on the z value from attribute table. Here is example: point <- data.frame(x=c(10,20), y=c(10, 10), z = c(2,7)) point_shp <- SpatialPointsDataFrame(point[,1:2],point) plot(point_shp, xlim = c(0,30), ylim = c(0,20)) plot(gBuffer(point_shp, width = 5,

/* vixie crontab buffer overflow for RedHat Linux * * I dont think too many people know that redhat uses vixie crontab. * I didn''t find this, just exploited it. * * * Dave G. * <daveg@escape.com> * http://www.escape.com/~daveg * * */ #include <stdio.h> #include <sys/types.h> #include <stdlib.h> #include <fcntl.h> #include <unistd.h> #define

OpenSSH's ssh-keygen sets the mode of ~/.ssh to 700, unlike "Classic" ssh, which set it to 755. I've noticed a couple of problems: If your home directory is on an NFS server which maps user root from clients to nobody (typical "safe" setup), sshd, which runs as root, will find itself without the ability to read that user's .ssh/authorized_keys file. This can be

> Two of those are compile errors, suggesting you aren't pulling in the > right header file (it's in common/serialise-double.h I believe). Thanks, fixed those errors. > I can't tell for sure without seeing the diff. You may mean just > `ptr++`? But it could be something else, depending on what you're > trying to do. I'm trying to unserialise normalization

As halflife demonstrated in Phrack 50 with his linspy project, it is trivial to patch any system call under Linux from within a module. This means that once your system has been compromised at the root level, it is possible for an intruder to hide completely _without_ modifying any binaries or leaving any visible backdoors behind. Because such tools are likely to be in use within the hacker

On Wed, Aug 02, 2017 at 02:04:54PM +0200, hw wrote: > Just wait and see how he will like the feedback he?s getting here ... Trolling aside (fascist? really?), I've gotten valuable feedback from several people which I really appreciate. I intend to continue to engage with the CentOS community, because when we work on big changes in Fedora which may come to our downstream distributions,

--7ZAtKRhVyVSsbBD2 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Netfilter Core Team Security Advisory =20 CVE: CAN-2003-0467 Subject: Netfilter / NAT Remote DoS Released: 01 Aug 2003 Effects: Under limited circumstances, a remote user may be able to crash

http://bugzilla.netfilter.org/show_bug.cgi?id=738 Summary: reading beyond buffer limits in nf_conntrack_proto_tcp.c::tcp_options() Product: netfilter/iptables Version: unspecified Platform: All OS/Version: All Status: NEW Severity: minor Priority: P2 Component: nf_conntrack

> `ptr` is, if I inferred correctly, a `const char *`. (I'm not sure, > because I don't know why you're incrementing it. Please push your code > to github if you need further help so people can see the entire > context of your changes.) I've pushed all the changes I made so far https://github.com/xapian/xapian/compare/master...ivmarkp:piv+?diff=split&name=piv%2B

On Thu, Apr 20, 2017 at 11:00 AM, Scott Neugroschl <scott_n at xypro.com> wrote: > > On Wed, Apr 19, 2017 at 1:02 PM, navern <livingdeadzerg at yandex.ru> wrote: > >> Is there any available tool with this for pre-evaluating the resulting sshd_config for fatal errors? I'm not demanding: I'm thinking "that could be really, really useful". > >

Hi everybody, We have a Fedora Core 1 samba server and would like to authenticate it to an LDAP server using PAM. I installed nss_ldap, configured /etc/ldap.conf to match my settings and /etc/nsswitch.conf to use ldap. My /etc/pam.d/samba is like this : #%PAM-1.0 auth required pam_nologin.so auth sufficient /lib/security/pam_ldap.so use_first_pass auth required

Hi folks, I meant to send this in to the devel list a while ago (1 Jul, actually) but school has until recently had a strangehold on me. The issue is this: the sshd.pam.generic in the openssh-2.1.1p4/contrib directory can be modified to suit standard SuSE 6.4 configurations as thus: {crimsun@[dhcp1520]:~} diff -c /etc/pam.d/sshd openssh-2.1.1p4/contrib/sshd.pam.generic *** /etc/pam.d/sshd

I have Debian 3.0 (woody) and installed the dovecot packages and it works ok with the default configuration. I want to change the default configuration, is any of this possible? a) I don't want to create accounts for each user, can I have a mailboxes directory with the mailboxes of all the users? They are not many (10-15). b) The authentication right now is done through PAM, the

>From what I can find in the archives I don't see an answer to this, plus the keywords are just so common that it makes it impossible to sift though all the information, so I thought I would ask. I have a working smb.conf and windbind is working just fine. I am authentication users to a Win2K machine which is the PDC. The authentication is working just fine. Its the password changes

Matthew Miller wrote: > On Wed, Aug 02, 2017 at 02:04:54PM +0200, hw wrote: >> Just wait and see how he will like the feedback he?s getting here ... > > Trolling aside (fascist? really?), I've gotten valuable feedback from > several people which I really appreciate. I intend to continue to > engage with the CentOS community, because when we work on big changes > in

FreeBSD wahoo.prodigy.net 4.9-PRERELEASE FreeBSD 4.9-PRERELEASE #0: Tue Sep 23 10:13:51 CDT 2003 jbryant@wahoo.prodigy.net:/usr/obj/usr/src/sys/WAHOO.SMP i386 Dual Pentium II 333 MHz on Tyan Thunder-2 Motherboard. Anyone else seeing this? jim -- "Religious fundamentalism is the biggest threat to international security that exists today." United Nations Secretary

Dear Samba-Users, two problems to solve... 1) Trying to authenticate users via pam_winbind against NT-PDC (samba 3.0.4, Debian GNU Linux 3.0). Got shell login and ssh working, but won't be able to login via GDM to gnome or KDE. I do not really understand the difference between login/ssh module stack and gdm module stack. Log auth says something queerish: --- auth.log --- Jul 14 18:34:43

On Wed, January 21, 2015 14:27, Fred Smith wrote: > On Wed, Jan 21, 2015 at 01:37:43PM -0500, James B. Byrne wrote: >> So, how does one enable flash video and audio in Firefox-31.4.0esr? > > One installs the flash plugin from Adobe and configures firefox to > either run it automatically when needed, or to ask if you want > to allow it to run, every time (which helps prevent

I just spent some time trying to figure out how to get OpenSSH to work correctly with NIS and PAM. It seems to work fine, apart from one minor worry I still have (see below). Feedback about grave security risks are welcome :) This is using RedHat 6.1 with updates and the OpenSSH 1.2.2p1-1 RPM's on the NIS server as well as the client. In short, my configuration is: /etc/nssswitch.conf: