Displaying 20 results from an estimated 2000 matches similar to: "[dizznutt@my.security.nl: icecast 1.3.11 remote shell/root exploit - #temp]"
2004 Aug 06
0
[dizznutt@my.security.nl: [Secure] Full analysis of multiple remotely exploitable bugs in Icecast 1.3.11]
hi,
don't know whether this is already covered in the list,
sorry if it's old news...
is there any 1.3.11 bugfix release out there? can't find things
on icecast.org
attached the email from bugtraq.
best, uno
<p>
<strong>attached mail follows:</strong><hr noshade>
Hello,
Attached is a full analysis to accompany the earlier disclosed remote root/shell
2004 Aug 06
0
Fwd: Icecast temp patch (OR: Patches? We DO need stinkin' patches!!@$!)
Hi There,
re. the recently reported buffer overflow in icecast, is there any
"official" security patch against 1.3.11 ? I am reluctant to take any
un-official patch like this one ;-)
There is nothing on www.icecast.org/releases, maybe it's somewhere else ?
Thanks.
Alfredo
<p><p>>Mailing-List: contact bugtraq-help@securityfocus.com; run by ezmlm
>List-Id:
2004 Aug 06
6
URGENT: security exploit fix
To all users:
The recently exploits announced at bugtraq can be fixed by the following
patch. This patch should fix a few other potential holes as well, and I
will post a followup patch soon that is even more thorough.
Note: this exploit would give the attacker priviledges of the user
running icecast. If you are running icecast as a normal user account or
as root, this would be a good time to
2004 Aug 06
6
URGENT: security exploit fix
To all users:
The recently exploits announced at bugtraq can be fixed by the following
patch. This patch should fix a few other potential holes as well, and I
will post a followup patch soon that is even more thorough.
Note: this exploit would give the attacker priviledges of the user
running icecast. If you are running icecast as a normal user account or
as root, this would be a good time to
2004 Aug 06
2
Full analysis of the remotely exploitable icecast 1.3.x bugs
Hello Icecast folks,
Attached is an analysis I slapped together detailing the exact specifics
of the bug that is exploited with the icecast exploit I disclosed earlier
this week. Furthermore it details another remotely exploitable bug. I sent
this to team@icecast.org and to Jack Moffit, but have not received a response
as of yet. So if people, like I noticed in the icecast@xiph.org list, are
2004 Oct 08
2
Number of characters per line
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Received-SPF: none (hypatia: domain of tofesi at web.de does not designate permitted sender hosts)
X-Virus-Scanned: by amavisd-new at stat.math.ethz.ch
X-Spam-Checker-Version: SpamAssassin 2.63 (2004-01-11) on hypatia.math.ethz.ch
X-Spam-Level: *
X-Spam-Status: No, hits=1.9 required=5.0
2006 Sep 11
1
scp files with ':' in filename
greetings,
would it be a good idea to include within the scp man pages, how one would
use scp to copy files which have the ' : ' character in the filename?
a friend struggled a little trying to do this, discovered the answer on
google, i thought it might be usefull to have in the man pages too.
the solution was to use the files' full path so that scp recognised it as a
file.
please cc
2007 Mar 27
2
Re: [Gnash] Fw: Linux.com: Swfdec Officially Adds Flash 7 Video Support (But Not 8 or 9)
Does swfdec work on AMD 64-bit systems?
On 3/27/07, D?niel Fraga <fragabr@gmail.com> wrote:
> URL:
> http://linuxtoday.com/news_story.php3?ltsn=2007-03-27-010-26-NW-SW-DV
> Free software fans of YouTube jumped for joy last week when developer
> Benjamin Otte announced on his blog that the free Swfdec Flash player
> has reached the point where it can play YouTube's Flash
2006 May 12
1
CentOS mailing list probe message (fwd)
With the latest message I send to the CentOS list I got this strange
'probe' message. The included bounce example has nothing to do with my
email-adres, but rather with someone subscribed to the list.
So it seems that somehow the mailinglist manager is sending bounces to the
wrong email-adres. Or I do not understand the 'probe' message (and the
included bounce message) at all.
2008 Apr 18
2
plockstat: failed to add to aggregate: Abort due to drop
when check java process lock statistics, plockstat failed, please see below:
# prstat -mLp 21162
PID USERNAME USR SYS TRP TFL DFL LCK SLP LAT VCX ICX SCL SIG PROCESS/LWPID
21162 7677 0.9 0.1 0.0 0.0 0.0 99 0.0 0.3 83 89 215 0 java/81
21162 7677 0.3 0.1 0.0 0.0 0.0 0.0 99 0.2 106 33 305 0 java/35
21162 7677 0.1 0.0 0.0 0.0 0.0 100 0.0 0.1 79 6 85 0 java/59
2005 Mar 09
0
[Asterisk-Dev] 1.0.7 Release Candidate
Hey everyone,
I posted bug #3746 for people to report on the latest code in the stable
branch. Once I get enough reports that it is working fine, we will
release 1.0.7.
Thanks,
Russell Bryant
_______________________________________________
Asterisk-Dev mailing list
Asterisk-Dev@lists.digium.com
http://lists.digium.com/mailman/listinfo/asterisk-dev
To UNSUBSCRIBE or update options visit:
2004 Sep 03
0
Changing the value of an object's slot in a method
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Received-SPF: none (hypatia: domain of tofesi at web.de does not designate permitted sender hosts)
X-Virus-Scanned: by amavisd-new at stat.math.ethz.ch
X-Spam-Checker-Version: SpamAssassin 2.63 (2004-01-11) on hypatia.math.ethz.ch
X-Spam-Level:
X-Spam-Status: No, hits=0.2 required=5.0
2004 Sep 23
0
Re: Your Amazon.com Inquiry
Greetings from Amazon.com.
We're sorry. You replied to a notification-only address that cannot
accept incoming e-mail. But that's OK--this automated response will
direct you to the right place at Amazon.com to answer your question or
help you make changes to your order.
To change any unshipped orders, make other changes to your account, or
view your order history, visit:
2007 Nov 12
0
Heading to LISA
Hi all,
I''ll be at LISA starting tomorrow afternoon. I have a panel with
other config-mgmt authors on Thursday and I''m running BoFs at night,
but I''ll otherwise likely be trawling the hallways looking for
conversation. Track me down if you''re there; I''ll do my best to wear
a bike cap every day or something to simplify recognizing me.
--
2011 Jul 07
0
printing problem from a program with wine
i'm trying to set up a customer who has two printers attached to their computer
one is some sort of okidata color laser printer, which seems to work fine
the other one is a brother HL-4040CDN, which prints fine from a Linux based application such as open office.
when i try to print from a program in wine, however, I can't for the life of me get it to print properly to legal sized paper,
2003 Oct 06
1
vif() from Design and car
Hi,
I've been generating linear models with lm(). I wanted to look at the
VIF's for the coefficient. Using the vif() function from the package
Design, I would get unusually high VIF's.
However using vif() from the car package I get more reasonable values
(ie in line with the quality of the model).
What is the difference between the two vif functions? (I dont have
access to the
2005 May 06
0
Three simple steps help you sav a lot on quality tablets.
"Select from a wide variety of brand name and generic rneds. It is
legitimate to select licensed chemist-sites to place the
or-der.,Customers have better selections for rnedicals on ereection
dysfunction, pain, man's care, highcholesterol, stress and obesity. It
is easier to stay healthier."
[1]Embrace super value and check quality medicals on
2003 Sep 14
1
title for plot contain 4 subplots
Hi,
I'm plotting 4 graphs on one page (2x2 matrix) but I cant seem to get
the title for the whole page right.
I'm doing:
op <- par(mfrow = c(2,2), pty="s")
hist(var$V2, breaks="FD",main="Euclidean Metric", xlab="Sum of 3NN ...
hist(var$V2, breaks="FD",main="Manhattan Metric", xlab="Sum of 3NN ...
hist(var$V2,
2004 Aug 06
1
Encrypted password problem with icecast 1.3.11
Hi All,
I have recently downloaded and compiled IceCast 1.3.11 with the crypt option
turned on. Once I did this I have not been able to access the ADMIN console
through telnet. I got the latest version of mkpasswd from CVS and compiled
it. I have included the encrypted version of the password into the
configuration file and then started icecast.
Am I doing something wrong? One thing that
2004 Aug 06
0
[ icecast 1.3.11 win32 version ...]
sorry folks, i should have done this properly the first time i post my
changes. the attachment contains a gzipped version of unified recursive
diff ... this diff is made between a fresh cvs copy of icecast 1.3.11
and the source branch of icecast 1.3.11-mingw that i have. some things
are missing, but don't worry about that. i'm not going to explain why
individual files present in one