similar to: XMCD v2.1 released (was: Security Problems in XMCD)

Alexander O. Yuriev wrote: > > Your message dated: Wed, 20 Nov 1996 18:04:39 EST > > >has anyone played with the securelevel variable in the kernel and the > > >immutable flags in the ext2 file system? > > > > Yes, and its actualy quite nice. > > > > >The sysctrl code seems to allow the setting of the flag > > >only by init (PID=1)

There are security holes in XMCD 2.0pl2 (and presumably all previous versions), a popular audio cd player for numerous unix platforms, which allow a user defined environment variable to overflow a fixed size buffer resulting in a complete compromise of system security on machines with XMCD installed suid root. The cddb_init() function reads in the environment variable XMCD_CDDBPATH, and parses

Hi UNIX and Linux users, Xmcd, the premier CD player program, now also supports CD ripping to Ogg Vorbis, MP3 and other formats. For Ogg Vorbis, xmcd links directly with the vorbis libraries for best performance and integration. For further info and downloads, please visit the xmcd web site: http://www.amb.org/xmcd Vorbis webmasters: Please add xmcd to your list of free software that

XMCD is a popular unix audio cd-player with a unique feature that it will query remote databases over the Internet to determine the title, group, and song list for cds that are being played. The remote database of compact discs has become quite popular and is now supported by several Windows based cd players as well, including EasyCD2, DiscPlay, MyCDPLayer, and WinMCD. XMCD source is available

In Debian 1.1, the optional DOSEMU package installs /usr/sbin/dos setuid root. This is a serious security hole which can be exploited to gain access to any file on the system. Package: dosemu Version: 0.64.0.2-9 ------- start of cut text -------------- $ cat /etc/debian_version 1.1 $ id uid=xxxx(quinlan) gid=xxxx(quinlan) groups=xxxx(quinlan),20(dialout),24(cdrom) [quinlan:~]$ ls -al

Hi, I have the following weird problem with syslinux, and I was hoping that some1 on this list might be able to help: I am using syslinux 3.86 on CentOS-5.4 64bit. I'm creating a custom installation image for my distribution (customized centos). I first create a file with the image, and later on I write it to a USB disk. This procedure have been working quite good for a very long time.

Greets all, Is there a list of functions that have been removed from flac? I am trying to compile xmcd, which is admittedly pretty old code, and it's not finding: FLAC__stream_encoder_set_write_callback FLAC__stream_encoder_set_seek_callback FLAC__stream_encoder_set_client_data FLAC__stream_encoder_init grepping through the flac headers these aren't there so I'm assuming they've

On Wed, Jun 7, 2023 at 10:46 AM TTT <lists at telium.io> wrote: > I’ve reread the documentation a few times, and what isn’t clear is whether > I need an app=X parameter in the url. In other words, can I only get > events for a single named statis app? Or can I get events for the entire > Asterisk server? > > > > The command below (without app= parameter) results in

I’ve reread the documentation a few times, and what isn’t clear is whether I need an app=X parameter in the url. In other words, can I only get events for a single named statis app? Or can I get events for the entire Asterisk server? The command below (without app= parameter) results in no events being shown, but no error either. Thanks Brian (Ast newbie) From: asterisk-users

hello and thanks for reading this, i am doing a volunteer project for a school in harlem,ny. they have had donated 30 nics computers from thinknic.com. it can pxe boot. it had a cdrom and it has no hard drive. i am looking for ways to boot windows98 on these machines. i read on some site that memdisk can be used on legacy os. before i spend days testing it out, is it possible to boot windows98

Hello all, I wanted to ask some experienced users some settings about oggenc. 1. How can I setup oggenc so that I can DIRECTLY rip tracks off my audio cd? As we all know, audio cd doens't really have a file format that we can directly use. Do I HAVE to convert them to wav files then convert them to ogg files? 2. The options: -b -m -M with the bitrate of the audio file. If I set something

Hi, I recently migrated from Windows to Linux. I´ve used Linux quite a bit in server-enviroments, but as a desktop I have very little experience. I am now looking for a tool to rip CD´s to Ogg with CDDA support. I´ve tried KonCD, but it lacks features and is abit buggy. Sure, I can use cdparanoia, rename the wav´s to the right names and then encode to ogg via oggenc. But since I use X I

I scanned the website with linkchecker and found quite a lot of dead links. This commit fixes or removes them. --- developers.html | 2 +- documentation_tasks.html | 2 +- download.html | 12 ++++++------ faq.html | 2 +- features.html | 2 +- feeds/feed.xml | 8 ++++++++ format.html | 8 ++++----

Package: xen-utils-3.2-1 Severity: grave Hi, maintainer! This message about the error concerns a few packages at once. I've tested all the packages (for Lenny) on my Debian mirror. All scripts of packages (marked as executable) were tested. In some packages I've discovered scripts with errors which may be used by a user for damaging important system files or user's files. For

I scanned the website with linkchecker and found quite a lot of dead links. This commit fixes or removes them. --- developers.html | 2 +- documentation_tasks.html | 2 +- download.html | 14 +++++++------- faq.html | 2 +- features.html | 2 +- feeds/feed.xml | 8 ++++++++ format.html | 8 ++++----

Hi, I was wondering if anyone had a good dhcpd.conf and /tftpboot files for a EPIA-M motherboard with RedHat 9.0.... Or maybe just a configuration that works with the EPIA-M (doesn't matter which type of linux). I'm trying to boot the system from the network and it seems to be getting to downloading pxelinux.0 but then nothing happens after that.... I'm using ISC dhcpd V3.0pl2,

Rogier has told me that one-time commercial announcements for security products supported under Linux fits into our linux-security charter, so here is a quick one, if you aren''t interested in commercial security products, hit ''D'' now. :-) [mod: We''re all interested in linux and security. That''s what this list is about. This is linux and security

Hi list, I have no idea if Damien Miller had the time to work on that. I have an initial patch to authenticate using PKCS#11 and ECDSA keys. This requires OpenSSL 1.0.2, prior OpenSSL versions do not expose the required interfaces to override the signature function pointer for ECDSA. The only limitation is that the OpenSSL API misses some cleanup function (finish, for instance), hence I have yet

hello and thanks for reading this, with the help of this group so far, i am using bootscriptor from bootscriptor.org combined with memdisk to boot a win98 boot disk. it boot into the windows98 version of dos. the cool thing about the floppy is that it has a compressed image that mounts as a drive letter. much like linux. i can create floppy images no problem. what i am trying to do is create a

http://bugzilla.mindrot.org/show_bug.cgi?id=614 Summary: bug in krb4 support for OpenSSH on IRIX 64-bit ABI Product: Portable OpenSSH Version: 3.6.1p2 Platform: MIPS URL: http://lib.natur.cuni.cz/komanek/webland/html/unix/opens sh_patches.html OS/Version: IRIX Status: NEW Severity: normal