Displaying 20 results from an estimated 300 matches similar to: "Xen Security Advisory 25 (CVE-2012-4544, CVE-2012-2625) - Xen domain builder Out-of-memory due to malicious kernel/ramdisk"
2012 Oct 26
0
Xen Security Advisory 25 (CVE-2012-4544) - Xen domain builder Out-of-memory due to malicious kernel/ramdisk
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Xen Security Advisory CVE-2012-4544 / XSA-25
Xen domain builder Out-of-memory due to malicious kernel/ramdisk
ISSUE DESCRIPTION
=================
The Xen PV domain builder contained no validation of the size of the
supplied kernel or ramdisk either before or after decompression. This
could cause the toolstack to consume all available RAM
2012 Sep 19
5
Bug#688125: xen: CVE-2012-2625
Package: xen
Severity: important
Tags: security
Justification: user security hole
Hi,
This issue is still unfixed in Wheezy:
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-2625
Patch:
http://xenbits.xensource.com/hg/xen-unstable.hg/rev/60f09d1ab1fe
Cheers,
Moritz
2013 Feb 06
0
[PATCH 0/4] XSA-39 CVE-2013-021[67]: Linux netback DoS via malicious guest ring.
The Xen netback implementation contains a couple of flaws which can
allow a guest to cause a DoS in the backend domain, potentially
affecting other domains in the system.
CVE-2013-0216 is a failure to sanity check the ring producer/consumer
pointers which can allow a guest to cause netback to loop for an
extended period preventing other work from occurring.
CVE-2013-0217 is a memory leak on an
2003 Aug 12
1
Malicious Call Trace
All,
Has anyone had any thoughts/discussion on providing a malicious call trace feature within Asterisk. Most legacy PBX's support this feature which allows a handset user to indicate using DTMF during a call that it's a malicious call which instructs the PBX to send a specific Q931 message over the ISDN to the providers switch telling it to log the call details as malicious for later
2016 Feb 09
1
centos.firehosted.com / tagged as malicious
This repository has begun triggering alerts in my enterprises trend
micro solution this morning.
centos.firehosted.com/7.2.1511/updates/x86_64/repodata/repomd.xml
Any tips on ensuring this repository is never queried by my systems ?
It seems to keep getting picked up on freshly deployed vagrants for
development at this time.
Thanks,
Corey Erickson
2019 May 20
0
Directory name have some malicious characters.
Directory name have some malicious characters, is it safe?How can I
exclude some characters,thanks!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://dovecot.org/pipermail/dovecot/attachments/20190520/e3ea2c53/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smiley-laughing.gif
Type: image/gif
2019 May 20
0
Create a malicious directory
How is that dangerous?
If you pipe output from a directory listing to *any* command you need to sanitize it.
That's normal if you have data that can be created by a user. The issue is known since the very beginning of Linux
2012 Jun 27
0
when nmb is on some web-sites are redirected to malicious pages
Hi!
I use OpenSuse 12.1 and I have written to OpenSuse security maillist but
noone can help me.
Here is an OpenSuse forum topic where have describe the problem in details:
http://forums.opensuse.org/english/get-technical-help-here/network-internet/476052-i-think-its-virus-while-nmbd-running-some-web-sites-redirected-broken.html
Here is a Ukrainian key media recourse http://www.pravda.com.ua/
2013 Jan 06
1
Malicious traffic comming from 37.75.210.90
Hello Osama, and Hisham,
At 1330GMT there was some malicious activity coming from your network
IP 37.75.210.90. Please act accordingly. Things that may be of use
"972599779558"
N.
2019 May 20
3
Create a malicious directory
Use scripts to create some malicious directories. Here is my creation
process. How can I prevent the creation of these directories?
I used the python imapclient script to create a directory.
There may be no big threat to dovecot, but it is dangerous for doveadm.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
2016 Jun 03
4
[Bug 11949] New: A malicious sender can still use symlinks to overwrite files
https://bugzilla.samba.org/show_bug.cgi?id=11949
Bug ID: 11949
Summary: A malicious sender can still use symlinks to overwrite
files
Product: rsync
Version: 3.1.2
Hardware: All
OS: All
Status: NEW
Severity: normal
Priority: P5
Component: core
Assignee:
2018 Mar 26
0
BUG: Unknown command in userdb socket: CPID?2625
Did you tell postfix it's talking to dovecot?
Aki
On 25.03.2018 20:29, Vladimir Tiukhtin wrote:
>
> Hi guys.
>
> I am getting strange error:
>
>
> BUG: Unknown command in userdb socket: CPID?2625
>
>
> I am using service auth? to authenticate users on postfix.
>
> *My OS*:
>
> # cat /etc/os-release
> NAME="CentOS Linux"
>
2018 Mar 26
0
BUG: Unknown command in userdb socket: CPID?2625
Ah i see.
try this:
dovecot.conf:
service auth {
?? unix_listener /var/spool/postfix/private/auth {
???????? owner = postfix
???????? group = postfix
???????? mode = 0600
? }
}
postfix.conf:
smtpd_sasl_path = private/auth
Aki
On 26.03.2018 11:25, Vladimir Tiukhtin wrote:
>
> Hello
>
> Yes, please find my postfix config:
>
> smtpd_sasl_type = dovecot
> #smtpd_sasl_path =
2018 Mar 26
0
BUG: Unknown command in userdb socket: CPID?2625
Dovecot has some special socket names, auth-userdb is one of those.
Aki
On 26.03.2018 14:47, Vladimir Tiukhtin wrote:
>
> Hi
>
> What you have suggested works.
>
> service auth {
> ?? unix_listener /var/spool/postfix/private/auth {
> ???????? user = postfix
> ???????? group = postfix
> ???????? mode = 0600
> ? }
> }
>
> This works as well:
>
>
2007 Aug 07
1
[PATCH] Fix Malicious Guest GDT Host Crash
Hi all,
Testing would be appreciated (esp. Ron?): I'd like to push this as soon
as possible into 2.6.23. I thought of it while pondering kvm-lite, and
then proved it was a problem...
==
If a Guest makes hypercall which sets a GDT entry to not present, we
currently set any segment registers using that GDT entry to 0.
Unfortunately, this is not sufficient: there are other ways of
altering
2007 Aug 07
1
[PATCH] Fix Malicious Guest GDT Host Crash
Hi all,
Testing would be appreciated (esp. Ron?): I'd like to push this as soon
as possible into 2.6.23. I thought of it while pondering kvm-lite, and
then proved it was a problem...
==
If a Guest makes hypercall which sets a GDT entry to not present, we
currently set any segment registers using that GDT entry to 0.
Unfortunately, this is not sufficient: there are other ways of
altering
2007 Dec 18
1
How To increase RAMDISK in CENTOS 4
Hi All,
I am using Centos4.0 and running Squid Reverse Proxy for image caching , i have configured RAMDISK of 265 MB for one cache folder in preproduction environment for testing now i have upgraded RAM upto 8GB, but when i change ramdisk_size parameter in grub.conf and rebooted the server when i tried to format and mount it doesn't work. Can anyone please help me how to increase RAMDISK
2003 Aug 14
0
ext3 integrated ramdisk funktionality
Hi,
are there any plannings to integrate a kind of ramdisk funktionality
into ext3? I imagine a dynamic ramdisk into which only modified files of
a read-only mounted ext3 are copied in order to have read-write access
without really writing (because the filesystem is on a compact flash
disk, for example).
Regards, Daniel
--
<> d.vollbrecht@scram.de
-> <http://www.scram.de>
2008 Mar 14
0
How to use syslinux to mount initial ramdisk as root file system and mount NFS to "/mnt/nfs"?
I know this is not a question for syslinux itself, but a question for
syslinux usage on Linux.
I use pxelinux to boot Linux. I know I can use "root=/dev/nfs
nfsroot=ip:/dir" to mount the NFS as root file system. But it needs me
to prepare several different directories for different clients and
each directory should include a initrd.gz copy (e.g., cp/mv/mkdir
utilities, etc).
My
2008 Jun 28
0
root filesystem on a ramdisk
Hi,
I''m trying to boot XEN via network, so I''m trying to create a
rootfilesystem over a RAM disk for XEN. Has anyone done that before?
Thanks,
Gianluca
_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users