similar to: [PATCH] Fix buffer overrun

Hi, The attached patch extends the mux listener to accept SOCKS requests in addition to the native mux commands. The rationale behind is that creating tunnels attached to TCP ports is a security hazard in multi-user machines where there is no way to control who connects through the tunnels. On the other hand, The mux UNIX domain socket binds to the file system and regular permissions can be

https://bugzilla.mindrot.org/show_bug.cgi?id=2304 Bug ID: 2304 Summary: forwarding syntax changed -L a/b/c/d format removed - but not documented Product: Portable OpenSSH Version: 6.7p1 Hardware: Other OS: Linux Status: NEW Severity: normal Priority: P5 Component:

Later versions of OpenSSH allow the user to forward connections also to/from Unix sockets. This patch allows to use Unix sockets as the target when forwarding the local stdio using the -W feature. -------------- next part -------------- A non-text attachment was scrubbed... Name: 0001-Allow-forwarding-of-stdio-to-streamlocal-end-points.patch Type: application/text Size: 5796 bytes Desc: not

On Tue, Nov 24, 2015 at 12:57 AM, Damien Miller <djm at mindrot.org> wrote: > TCP is the kernel's responsibility. I guess that these values get > copied into each TCB from the copy managed via proc at connection > start time, but never updated afterwards. > This had to happen but the question is why is it possible to increase a timeout but not to decrease it. --

Hi, at work we have hundreds of machines, and for various of reasons, their hostnames (with domain) do not reflect their physical location. This means that for host "a.bb.cc" i have to go through jump host "jump1.bb.cc", and for "c.bb.cc" i have to go through jump host "jump2.bb.cc". which jump host should be used can be deduced by IP, but it looks that

Hi, Just a usecase that I'm sure has been covered before but just in case its not an openssh solution would be very helpful. I was trying to install software on a server that was firewalled so no outbound http connections would work. I was also tunnelling via another server. Outbound ssh connections also were a convenient option. What would have been nice would be a remote version of

-------- Original Message -------- Subject: password quality compliance Date: Fri, 14 Jan 2005 10:45:37 +0100 From: fandino <fandino@ng.fadesa.es> Reply-To: fandino@ng.fadesa.es To: samba@lists.samba.org Hello list, I'd like to have an advice about how to configure samba with password quality compliance. My file server is running samba 3.0.10 with a ldap backend and the users

Hi, I'm running an 8E1 setup to an SS7 carrier. The setup works but when we start hitting the 80 active calls mark the link became unstable. I found a lot of the following messages afecting my d channel Jun 25 15:49:55 ostional kernel: [385661.368857] dahdi: HDLC Receiver overrun on channel TE4/0/1/31 (master=TE4/0/1/31) Im using TE410P dahdi-linux-2.4.1.2.tar.gz dahdi-tools-2.4.1.tar.gz

We recently upgraded our NT4 Domain to Win2k. We use Samba 2.0.7 running on Solaris 2.6 servers. We are getting buffer overuns in the log files when running 'domain_client_validate' which appears to be due to extensive group membership (SID History is not being used). Are there any patches/fixes available to get round this problem? Thankyou in anticipation. Regards, Rich Sprigg

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ========================================================== == == Subject: Stack buffer overflow in nmbd's logon == request processing. == == CVE ID#: CVE-2007-4572 == == Versions: Samba 3.0.0 - 3.0.26a (inclusive) == == Summary: Processing of specially crafted GETDC == mailslot requests can result in a

Asterisk Project Security Advisory - AST-2017-002 Product Asterisk Summary Buffer Overrun in PJSIP transaction layer Nature of Advisory Buffer Overrun/Crash Susceptibility Remote Unauthenticated Sessions Severity Critical

If the file size wasn't a multiple of 64KB, we could overwrite the next entry in the malloc arena so reading the initramfs would fail. Signed-off-by: Colin Watson <cjwatson at ubuntu.com> --- com32/gfxboot/gfxboot.c | 3 ++- 1 files changed, 2 insertions(+), 1 deletions(-) diff --git a/com32/gfxboot/gfxboot.c b/com32/gfxboot/gfxboot.c index dd4d641..0fbfadd 100644 ---

Hello, Our UC-KLEE tool discovered a memcpy() read overrun bug in dg_dispatch_as_host() (drivers/misc/vmw_vmci/vmci_datagram.c). This bug may allow a malicious user to leak private kernel heap data across the VMware VMCI interface (in a nearly identical fashion to the OpenSSL Heartbleed vulnerability from 2014), but the impact is probably minimal since this interface is only used for local

Hello, Our UC-KLEE tool discovered a memcpy() read overrun bug in dg_dispatch_as_host() (drivers/misc/vmw_vmci/vmci_datagram.c). This bug may allow a malicious user to leak private kernel heap data across the VMware VMCI interface (in a nearly identical fashion to the OpenSSL Heartbleed vulnerability from 2014), but the impact is probably minimal since this interface is only used for local

Hello, I've observed in some tests that getValueTypeList() is sometimes called with type MVT::iPTR. There is a discrepancy between the size of the array VTs and the use in getTypeValueList(). The array is allocated with space for elements up to LAST_VALUE_TYPE and iPTR is defined after it. The enumerator value of iPTR is between LAST_VALUE_TYPE and LastSimpleValueType. For this reason the

Hi Duncan, I've modified my backend such that the function isn't called anymore with iPTR. I still think that if iPTR is an invalid input to getValueTypeList() that the function should have at least an assert checking that. Thanks, Javier Hi Javier, > I've observed in some tests that getValueTypeList() is sometimes called > with type MVT::iPTR. I think this is a bug,

Hi Javier, > I’ve modified my backend such that the function isn’t called anymore > with iPTR. I still think that if iPTR is an invalid input to > getValueTypeList() that the function should have at least an assert > checking that. I agree - please post a patch adding one. Ciao, Duncan.

Hello, The attached patch is to add an assert to getValueTypeList() to verify that for simple value types their value is NOT between MAX_ALLOWED_VALUETYPE and LastSimpleValueType (inclusive) as this causes a buffer overrun. Thanks, Javier -----Original Message----- From: Duncan Sands [mailto:baldrick at free.fr] Sent: Tuesday, April 27, 2010 5:07 AM To: Martinez, Javier E Cc: LLVM Developers

Hello All, I've just been made aware of Asterisk and have installed it. Things seem to be working: I can dial from the console the internal numbers and hear the answerphone messages and do other interesting stuff. however when I hangup the call I see a continuous stream of messages saying "Sound: Recording overrun" appear on ALL my linux consoles and I can't see what I'm

Hi, When I dial into asterisk I set it up in extensions.conf so it will play some messages, but when I dial in asterisk picks up but I hear no sound. There is moments of silence where the audio should be playing but I get nothing. I checked /var/log/messages to see what was wrong and I got the following error: Jun 29 20:46:33 eclipse kernel: Sound: Recording overrun Does this mean