similar to: Linux Redhat 4.0/3.0.3 makewhatis cron job

--------------------------------------------------------------------- Red Hat, Inc. Security Advisory Synopsis: man package''s ''makewhatis'' uses insecure handling of files in /tmp Advisory ID: RHSA-2000:041-02 Issue date: 2000-07-03 Updated on: 2000-07-03 Product: Red Hat Linux Keywords: man /tmp

--------------------------------------------------------------------- Red Hat, Inc. Red Hat Security Advisory Synopsis: Updated man package fixing GID security problems. Advisory ID: RHSA-2001:072-14 Issue date: 2001-05-28 Updated on: 2001-09-06 Product: Red Hat Linux Keywords: man setgid heap overflow path makewhatis root GID

Hi all, I've been trying out the code from Chamber's "Classes and Methods in the S language": http://www.omegahat.org/RSMethods/Intro.pdf >From my session: R> whatis <- function(object) paste( "sdw" ) R> setMethod( "whatis", "vector", function(object) paste( "cswdvcr" ) ) R> dumpMethod( "whatis",

hope this help some one else --as it helped me, in undertanding contributions to * wiki pages... Regards! Samuel ----- Original Message ----- From: "whatis.com" <WhatIs-BAD63EB5A68046E1@lists.techtarget.com> To: "whatis.com" <WhatIs@lists.techtarget.com> Sent: Tuesday, January 06, 2004 10:31 AM Subject: Word-of-the-Day: wiki > THE

I updated my x86 machine day before yesterday, and I noticed two things. The clamav user and group was deleted, and not recreated, and when the makewhatis ran, I got a page full of "zcat: stdout: Broken pipe" entries. What gives with the makewhatis and clamav? Was clamav removed from the software? I encountered no errors when the transaction check and transactions were run.

Here are my preliminary tests: 5.2.18 is vulnerable (stock Redhat 3.0.3) 5.3.12 does not appear vulnerable (stock Redhat 4.0, I think) Dave G. <daveg@escape.com> http://www.escape.com/~daveg

https://bugzilla.samba.org/show_bug.cgi?id=7941 Summary: Formatting bug in rsync man page? (man -k, whatis, catman -w) Product: rsync Version: 3.0.7 Platform: Sparc OS/Version: Solaris Status: NEW Severity: minor Priority: P3 Component: core AssignedTo: wayned at samba.org

At this point, I've been through 4 AMD64 motherboards. Commonly, AE_BAD_CHARACTER stops ACPI (or apic?) from figuring out the system --- this has happened on 3 out of four boards. On this latest board, it can turn off APIC. If I do that, FreeBSD hangs after detecting the disks. The only "wrong" thing on the screen is module_register_init: MOD_LOAD (amr_linux,

> Some versions (the util-linux version, but not the netwrite or netkit > versions) of /usr/bin/write have a buffer overrun problem that is > almost certainly exploitable. Note that this gives access to the tty > group, but not (directly) root. > > The fix is to change the two sprintfs to snprintfs. Patches have been > mailed to the maintainer. While I agree that routines

/* vixie crontab buffer overflow for RedHat Linux * * I dont think too many people know that redhat uses vixie crontab. * I didn''t find this, just exploited it. * * * Dave G. * <daveg@escape.com> * http://www.escape.com/~daveg * * */ #include <stdio.h> #include <sys/types.h> #include <stdlib.h> #include <fcntl.h> #include <unistd.h> #define

Is anybody working on implementing CreateNamedPipeA/WaitNamedPipeA (KERNEL32.168 , KERNEL32.725) or can anybody comment on how much needs to be done to implement these ? Some applications seem to use this to communicate with a license manager process - even freely available product catalogs that apparently create a pro forma license file during the installation process. Martin -- Dr. Martin

Looking further into this segfault at settings-parser.c:setting_copy():1519 *dest_size = *src_size; *src_size points to type size_t (typedef unsigned long), a 4-byte aligned value consistent with a 32-bit build. This is mismatched with declared type (gdb) whatis src_size type = const uoff_t * (gdb) whatis uoff_t type = unsigned long long (gdb) p sizeof(uoff_t) $1 = 8 resulting

----- KSR[T] Website : http://www.dec.net/ksrt E-mail: ksrt@dec.net ----- KSR[T] Advisory #003 Date: Aug 05, 1997 ID #: lin-cron-003 Operating System(s): Redhat linux 4.1, SuSE Linux 5.0, Slackware 3.3 Affected Program:

I am getting an odd error on a recent i386 releng9 while trying to build a nanobsd image. It dies during installworld in cd /usr/src/etc/../share/man; /usr/obj/nanobsd.full//usr/src/make.i386/make makedb makewhatis /usr/obj/nanobsd.full//_.w/usr/share/man makewhatis /usr/obj/nanobsd.full//_.w/usr/share/openssl/man rm: /tmp/install.bqKyLzJg: Directory not empty *** [installworld] Error code 1 1

[Mod: in a disk crash I lost the original of this message posted by Dave to linux-security so this one is from bugtraq, reposted with author''s permission -- alex] This old problem refuses to die. #!/bin/sh # # yankpw # # Under a lot of linux distributions(I know Redhat 3.0.3 and Slackware 3.0) # /var/log/messages is world readable. If a user types in his password at # the login prompt,

k' then. now our problem... We have (in the netherlands) a site which has the top 100 singles in Real. We have the copy bit on, still Warner wants us to only stream 30 seconds of each song. Even worse, our on demand 'radio station', which has thousands of songs on request is threatened too. Any idea how we stand? Maarten ----- Original Message ----- From: "Jack Moffitt"

Dirk Eddelbuettel <edd@debian.org> writes: > On Sun, Jun 06, 2004 at 01:32:00PM -0700, Spencer Graves wrote: > > I agree: It sounds like a bug, as you said, Irk, in that > > That brilliant :) Many people, in Germany as well as abroad, managed to > chop Eddelbuettel quite well. Turning Dirk into Irk is rather unsurpassed. > > Dirk, with a big grin Not to

After you do your update, done forget to do updatedb, makewhatis, ... The locate for rpmnew has a couple items of interest and the locate for rpmsave returns one that occupies 24MB of your precious disks - /var/lib/Pegasus/prev-repository*. It compresses nicely to appx. 1MB, cpio bzipped --best. Change in your rndc key too, for DNS.

Hello, We just started using WineLib, and have very basic question: which -g??? option do you use to do source level debugging with winedbg? I searched the documentation and mailing list for any step-by-step about this, but found nothing. So either the answer is so obvious that I just can't see it - or it doesn't work? By default, winemaker seems configure things for no debug - so

Ah, okay, I see. submission_max_mail_size should be defined as uoff_t instead of size_t in struct submission_settings and struct submission_settings. > On 20 Jul 2019, at 1.47, Joseph Tam via dovecot <dovecot at dovecot.org> wrote: > > > Looking further into this segfault at > > settings-parser.c:setting_copy():1519 > *dest_size = *src_size; > > *src_size