similar to: Xen Security Advisory 25 (CVE-2012-4544, CVE-2012-2625) - Xen domain builder Out-of-memory due to malicious kernel/ramdisk

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Xen Security Advisory CVE-2012-4544 / XSA-25 Xen domain builder Out-of-memory due to malicious kernel/ramdisk ISSUE DESCRIPTION ================= The Xen PV domain builder contained no validation of the size of the supplied kernel or ramdisk either before or after decompression. This could cause the toolstack to consume all available RAM

Package: xen Severity: important Tags: security Justification: user security hole Hi, This issue is still unfixed in Wheezy: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-2625 Patch: http://xenbits.xensource.com/hg/xen-unstable.hg/rev/60f09d1ab1fe Cheers, Moritz

The Xen netback implementation contains a couple of flaws which can allow a guest to cause a DoS in the backend domain, potentially affecting other domains in the system. CVE-2013-0216 is a failure to sanity check the ring producer/consumer pointers which can allow a guest to cause netback to loop for an extended period preventing other work from occurring. CVE-2013-0217 is a memory leak on an

All, Has anyone had any thoughts/discussion on providing a malicious call trace feature within Asterisk. Most legacy PBX's support this feature which allows a handset user to indicate using DTMF during a call that it's a malicious call which instructs the PBX to send a specific Q931 message over the ISDN to the providers switch telling it to log the call details as malicious for later

This repository has begun triggering alerts in my enterprises trend micro solution this morning. centos.firehosted.com/7.2.1511/updates/x86_64/repodata/repomd.xml Any tips on ensuring this repository is never queried by my systems ? It seems to keep getting picked up on freshly deployed vagrants for development at this time. Thanks, Corey Erickson

Directory name have some malicious characters, is it safe?How can I exclude some characters,thanks! -------------- next part -------------- An HTML attachment was scrubbed... URL: <https://dovecot.org/pipermail/dovecot/attachments/20190520/e3ea2c53/attachment.html> -------------- next part -------------- A non-text attachment was scrubbed... Name: smiley-laughing.gif Type: image/gif

How is that dangerous? If you pipe output from a directory listing to *any* command you need to sanitize it. That's normal if you have data that can be created by a user. The issue is known since the very beginning of Linux

Hi! I use OpenSuse 12.1 and I have written to OpenSuse security maillist but noone can help me. Here is an OpenSuse forum topic where have describe the problem in details: http://forums.opensuse.org/english/get-technical-help-here/network-internet/476052-i-think-its-virus-while-nmbd-running-some-web-sites-redirected-broken.html Here is a Ukrainian key media recourse http://www.pravda.com.ua/

Hello Osama, and Hisham, At 1330GMT there was some malicious activity coming from your network IP 37.75.210.90. Please act accordingly. Things that may be of use "972599779558" N.

Use scripts to create some malicious directories. Here is my creation process. How can I prevent the creation of these directories? I used the python imapclient script to create a directory. There may be no big threat to dovecot, but it is dangerous for doveadm. -------------- next part -------------- An HTML attachment was scrubbed... URL:

https://bugzilla.samba.org/show_bug.cgi?id=11949 Bug ID: 11949 Summary: A malicious sender can still use symlinks to overwrite files Product: rsync Version: 3.1.2 Hardware: All OS: All Status: NEW Severity: normal Priority: P5 Component: core Assignee:

Did you tell postfix it's talking to dovecot? Aki On 25.03.2018 20:29, Vladimir Tiukhtin wrote: > > Hi guys. > > I am getting strange error: > > > BUG: Unknown command in userdb socket: CPID?2625 > > > I am using service auth? to authenticate users on postfix. > > *My OS*: > > # cat /etc/os-release > NAME="CentOS Linux" >

Ah i see. try this: dovecot.conf: service auth { ?? unix_listener /var/spool/postfix/private/auth { ???????? owner = postfix ???????? group = postfix ???????? mode = 0600 ? } } postfix.conf: smtpd_sasl_path = private/auth Aki On 26.03.2018 11:25, Vladimir Tiukhtin wrote: > > Hello > > Yes, please find my postfix config: > > smtpd_sasl_type = dovecot > #smtpd_sasl_path =

Dovecot has some special socket names, auth-userdb is one of those. Aki On 26.03.2018 14:47, Vladimir Tiukhtin wrote: > > Hi > > What you have suggested works. > > service auth { > ?? unix_listener /var/spool/postfix/private/auth { > ???????? user = postfix > ???????? group = postfix > ???????? mode = 0600 > ? } > } > > This works as well: > >

Hi all, Testing would be appreciated (esp. Ron?): I'd like to push this as soon as possible into 2.6.23. I thought of it while pondering kvm-lite, and then proved it was a problem... == If a Guest makes hypercall which sets a GDT entry to not present, we currently set any segment registers using that GDT entry to 0. Unfortunately, this is not sufficient: there are other ways of altering

Hi all, Testing would be appreciated (esp. Ron?): I'd like to push this as soon as possible into 2.6.23. I thought of it while pondering kvm-lite, and then proved it was a problem... == If a Guest makes hypercall which sets a GDT entry to not present, we currently set any segment registers using that GDT entry to 0. Unfortunately, this is not sufficient: there are other ways of altering

Hi All, I am using Centos4.0 and running Squid Reverse Proxy for image caching , i have configured RAMDISK of 265 MB for one cache folder in preproduction environment for testing now i have upgraded RAM upto 8GB, but when i change ramdisk_size parameter in grub.conf and rebooted the server when i tried to format and mount it doesn't work. Can anyone please help me how to increase RAMDISK

Hi, are there any plannings to integrate a kind of ramdisk funktionality into ext3? I imagine a dynamic ramdisk into which only modified files of a read-only mounted ext3 are copied in order to have read-write access without really writing (because the filesystem is on a compact flash disk, for example). Regards, Daniel -- <> d.vollbrecht@scram.de -> <http://www.scram.de>

I know this is not a question for syslinux itself, but a question for syslinux usage on Linux. I use pxelinux to boot Linux. I know I can use "root=/dev/nfs nfsroot=ip:/dir" to mount the NFS as root file system. But it needs me to prepare several different directories for different clients and each directory should include a initrd.gz copy (e.g., cp/mv/mkdir utilities, etc). My

Hi, I''m trying to boot XEN via network, so I''m trying to create a rootfilesystem over a RAM disk for XEN. Has anyone done that before? Thanks, Gianluca _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users