Displaying 20 results from an estimated 200 matches similar to: "[PATCH] Fix buffer overrun"
2009 Mar 04
2
[PATCH] accept SOCKS request over the mux socket
Hi,
The attached patch extends the mux listener to accept SOCKS requests in
addition to the native mux commands.
The rationale behind is that creating tunnels attached to TCP ports is a
security hazard in multi-user machines where there is no way to control
who connects through the tunnels. On the other hand, The mux UNIX domain
socket binds to the file system and regular permissions can be
2014 Oct 30
2
[Bug 2304] New: forwarding syntax changed -L a/b/c/d format removed - but not documented
https://bugzilla.mindrot.org/show_bug.cgi?id=2304
Bug ID: 2304
Summary: forwarding syntax changed -L a/b/c/d format removed -
but not documented
Product: Portable OpenSSH
Version: 6.7p1
Hardware: Other
OS: Linux
Status: NEW
Severity: normal
Priority: P5
Component:
2015 Jun 23
2
[PATCH] Allow forwarding of stdio to streamlocal end points
Later versions of OpenSSH allow the user to forward connections also
to/from Unix sockets.
This patch allows to use Unix sockets as the target when forwarding the
local stdio using the -W feature.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-Allow-forwarding-of-stdio-to-streamlocal-end-points.patch
Type: application/text
Size: 5796 bytes
Desc: not
2015 Nov 24
3
Why isn't it possible to lower TCP values of running SSH session?
On Tue, Nov 24, 2015 at 12:57 AM, Damien Miller <djm at mindrot.org> wrote:
> TCP is the kernel's responsibility. I guess that these values get
> copied into each TCB from the copy managed via proc at connection
> start time, but never updated afterwards.
>
This had to happen but the question is why is it possible to increase
a timeout but not to decrease it.
--
2015 Nov 18
3
How to add configuration (~/.ssh/config) per ip?
Hi,
at work we have hundreds of machines, and for various of reasons, their
hostnames (with domain) do not reflect their physical location.
This means that for host "a.bb.cc" i have to go through jump host
"jump1.bb.cc", and for "c.bb.cc" i have to go through jump host
"jump2.bb.cc".
which jump host should be used can be deduced by IP, but it looks that
2009 Feb 17
2
Idea: reverse socks proxy
Hi,
Just a usecase that I'm sure has been covered before but just in case
its not an openssh solution would be very helpful.
I was trying to install software on a server that was firewalled so no
outbound http connections would work. I was also tunnelling via
another server. Outbound ssh connections also were a convenient option.
What would have been nice would be a remote version of
2005 Jan 14
1
[Fwd: password quality compliance]
-------- Original Message --------
Subject: password quality compliance
Date: Fri, 14 Jan 2005 10:45:37 +0100
From: fandino <fandino@ng.fadesa.es>
Reply-To: fandino@ng.fadesa.es
To: samba@lists.samba.org
Hello list,
I'd like to have an advice about how to configure samba
with password quality compliance.
My file server is running samba 3.0.10 with a ldap backend
and the users
2011 Jun 25
0
HDLC Overrun with Chan SS7
Hi,
I'm running an 8E1 setup to an SS7 carrier. The setup works but when we
start hitting the 80 active calls mark the link became unstable.
I found a lot of the following messages afecting my d channel
Jun 25 15:49:55 ostional kernel: [385661.368857] dahdi: HDLC Receiver
overrun on channel TE4/0/1/31 (master=TE4/0/1/31)
Im using TE410P
dahdi-linux-2.4.1.2.tar.gz
dahdi-tools-2.4.1.tar.gz
2001 May 09
1
Buffer overrun using W2k.
We recently upgraded our NT4 Domain to Win2k.
We use Samba 2.0.7 running on Solaris 2.6 servers.
We are getting buffer overuns in the log files when running
'domain_client_validate' which appears to be due to extensive group
membership (SID History is not being used).
Are there any patches/fixes available to get round this problem?
Thankyou in anticipation.
Regards,
Rich Sprigg
2007 Nov 15
0
[SECURITY] CVE-2007-4572 - GETDC mailslot processing buffer overrun in nmbd
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
==========================================================
==
== Subject: Stack buffer overflow in nmbd's logon
== request processing.
==
== CVE ID#: CVE-2007-4572
==
== Versions: Samba 3.0.0 - 3.0.26a (inclusive)
==
== Summary: Processing of specially crafted GETDC
== mailslot requests can result in a
2017 May 19
0
AST-2017-002: Buffer Overrun in PJSIP transaction layer
Asterisk Project Security Advisory - AST-2017-002
Product Asterisk
Summary Buffer Overrun in PJSIP transaction layer
Nature of Advisory Buffer Overrun/Crash
Susceptibility Remote Unauthenticated Sessions
Severity Critical
2010 Jul 14
1
[PATCH] gfxboot: fix buffer overrun when loading kernel/initramfs
If the file size wasn't a multiple of 64KB, we could overwrite the next
entry in the malloc arena so reading the initramfs would fail.
Signed-off-by: Colin Watson <cjwatson at ubuntu.com>
---
com32/gfxboot/gfxboot.c | 3 ++-
1 files changed, 2 insertions(+), 1 deletions(-)
diff --git a/com32/gfxboot/gfxboot.c b/com32/gfxboot/gfxboot.c
index dd4d641..0fbfadd 100644
---
2015 Feb 15
1
vmci: read overrun bug in dg_dispatch_as_host() (drivers/misc/vmw_vmci/vmci_datagram.c)
Hello,
Our UC-KLEE tool discovered a memcpy() read overrun bug in dg_dispatch_as_host() (drivers/misc/vmw_vmci/vmci_datagram.c). This bug may allow a malicious user to leak private kernel heap data across the VMware VMCI interface (in a nearly identical fashion to the OpenSSL Heartbleed vulnerability from 2014), but the impact is probably minimal since this interface is only used for local
2015 Feb 15
1
vmci: read overrun bug in dg_dispatch_as_host() (drivers/misc/vmw_vmci/vmci_datagram.c)
Hello,
Our UC-KLEE tool discovered a memcpy() read overrun bug in dg_dispatch_as_host() (drivers/misc/vmw_vmci/vmci_datagram.c). This bug may allow a malicious user to leak private kernel heap data across the VMware VMCI interface (in a nearly identical fashion to the OpenSSL Heartbleed vulnerability from 2014), but the impact is probably minimal since this interface is only used for local
2010 Apr 21
1
[LLVMdev] Bufer overrun in getValueTypeList()
Hello,
I've observed in some tests that getValueTypeList() is sometimes called with type MVT::iPTR. There is a discrepancy between the size of the array VTs and the use in getTypeValueList(). The array is allocated with space for elements up to LAST_VALUE_TYPE and iPTR is defined after it. The enumerator value of iPTR is between LAST_VALUE_TYPE and LastSimpleValueType. For this reason the
2010 Apr 26
2
[LLVMdev] Bufer overrun in getValueTypeList()
Hi Duncan,
I've modified my backend such that the function isn't called anymore with iPTR. I still think that if iPTR is an invalid input to getValueTypeList() that the function should have at least an assert checking that.
Thanks,
Javier
Hi Javier,
> I've observed in some tests that getValueTypeList() is sometimes called
> with type MVT::iPTR.
I think this is a bug,
2010 Apr 27
0
[LLVMdev] Bufer overrun in getValueTypeList()
Hi Javier,
> I’ve modified my backend such that the function isn’t called anymore
> with iPTR. I still think that if iPTR is an invalid input to
> getValueTypeList() that the function should have at least an assert
> checking that.
I agree - please post a patch adding one.
Ciao,
Duncan.
2010 Apr 28
1
[LLVMdev] [Patch] Bufer overrun in getValueTypeList()
Hello,
The attached patch is to add an assert to getValueTypeList() to verify that for simple value types their value is NOT between MAX_ALLOWED_VALUETYPE and LastSimpleValueType (inclusive) as this causes a buffer overrun.
Thanks,
Javier
-----Original Message-----
From: Duncan Sands [mailto:baldrick at free.fr]
Sent: Tuesday, April 27, 2010 5:07 AM
To: Martinez, Javier E
Cc: LLVM Developers
2003 Jun 03
0
Sound: Recording overrun
Hello All,
I've just been made aware of Asterisk and have installed it. Things seem
to be working: I can dial from the console the internal numbers and hear
the answerphone messages and do other interesting stuff.
however when I hangup the call I see a continuous stream of messages
saying "Sound: Recording overrun" appear on ALL my linux consoles and I
can't see what I'm
2004 Jul 01
0
Sound: Record Overrun
Hi,
When I dial into asterisk I set it up in extensions.conf so it will play
some messages, but when I dial in asterisk picks up but I hear no
sound. There is moments of silence where the audio should be playing
but I get nothing. I checked /var/log/messages to see what was wrong
and I got the following error:
Jun 29 20:46:33 eclipse kernel: Sound: Recording overrun
Does this mean