similar to: Security problem with Samba on Linux - affects 3.5.0, 3.4.6 and 3.3.11

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello, I cannot find anything in the documentation or mailing list that addresses this oddity. I've installed Samba Version 3.4.7 on Ubuntu Server 10.04, and I'm utterly confused by samba's behavior regarding permissions. Users on the server have home directories in /home/chemgroup/username. (chemgroup is actually a symlink to another

I am using Samba 3.5.0 on Arch Linux. I have security = user and am looking to create a new server with a lot of different shares as well as the [homes] share. So far my testing is making me pull my hair out... If I create shares with certain users, everything works fine. However, I see that if I connect to the \\server, the user will see all shares.

If I can merge this thread with the one I started yesterday... > "If the object does not have a class attribute, it has an implicit class..." > which I take to mean that if an object does have a class attribute it does not also have an implicit class. > I think this is reasonable behavior. Consider the "Date" class, which stores values as "numeric": >

FYI, Santa Clara, Calif., Jan. 20, 2003 -- WhiteHat Security, Inc. a Santa Clara, California based company that specializes in Web Application Security, has discovered a serious security flaw affecting all web server world wide. From months of extensive research and testing, WhiteHat has found a way to exploit a flaw in the way all web servers communicate.

Dear Sir/s, Can a crashed centos system be restore to its previous state before it crash? And if so, can you please tell me how to do it? Thanks, your help is very much appreciated. ----- Original Message ----- From: "Richard" <lists-centos at listmail.innovate.net> To: "CentOS mailing list" <centos at centos.org> Sent: Tuesday, November 1, 2016 5:05:59 PM

Hello, I recently upgraded my testserver Centos 5.4 from sernet samba 3.3.11-40.el5 to sernet samba 3.5.0-41.el5. Did no configuration changes. Samba is configured to get users and groups from NT4 PDC through winbind. Before upgrade to 3.5, 'getent group' returned something like that: groupname:x:16777268:user1,user2,user3 etc. Now it only returns: groupname:x:16777268: without

On Tue, November 1, 2016 6:25 pm, Tony Mountifield wrote: > In article <5818CD31.4050008 at moving-picture.com>, > James Pearson <james-p at moving-picture.com> wrote: >> Leonardo Oliveira Ortiz wrote: >> > RedHat and Centos 4.x can be explored by this flaw? >> >> See: >> >> https://access.redhat.com/security/cve/cve-2016-5195 > > In

Dear R devel Team, There might be a bug in the function "list" for R version 3.5.0 & 3.5.1. For the toy example ``` > list(c=2, d=3) ``` The output is ``` $`c` [1] 2 $d [1] 3 ``` The name of the first variable "c" would come with a redundant "`" symbol. I also have tested it on some older R versions, say 3.4.4, it turns out to be OK, no redundant

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 This release is primarily to fix a few bugs that were introduced with the mount.cifs overhaul in the last release. Most of the problems were issues with the handling of capabilities that prevented credential files from being accessed when mount.cifs was run by root. There are a few other changes: - - credential files accept parameter names

Hi everyone, I just saw this and was wondering what people thought. http://it.slashdot.org/story/10/06/21/1652228/VPN-Flaw-Shows-Users-IP-Addresses?from=rss Is Tinc susceptible to the same intrusions? Andy -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20100621/a4ee6647/attachment.htm>

>>>>> Michael Lawrence >>>>> on Tue, 12 Jun 2018 19:27:49 -0700 writes: > Hi Jen, This was already resolved for R 3.5.1 by just > disabling buffering on terminal file connections like stdin. and before R 3.5.1 exists, *and* as the change is also not yet available in R patched (!) this means using a version of "R-devel", e.g. for Windows

Did install from source of libguestfs-1.20.1 on Ubuntu-12.10. And libguestfs-test-tool complains about not finding libcap.so.2 uptime: 2.26 1.00 guestfsd: error while loading shared libraries: libcap.so.2: cannot open shared object file: No such file or directory [ 2.277795] Unregister pv shared memory for cpu 0 [ 2.278324] kvm: exiting hardware virtualization [ 2.278763] sd 2:0:1:0:

------- Forwarded Message Subject: Re: Dubious use of BN_num_bits in sshconnect1.c From: Niels Provos <provos at citi.umich.edu> In-Reply-To: alex at foogod.com, Sun, 18 Feb 2001 19:38:56 PST To: alex at foogod.com Cc: openssh-unix-dev at mindrot.org Date: Mon, 19 Feb 2001 10:07:24 -0500 Sender: provos at citi.umich.edu Hi Alex, there is no problem in OpenSSH. In message

Leonardo Oliveira Ortiz wrote: > RedHat and Centos 4.x can be explored by this flaw? See: https://access.redhat.com/security/cve/cve-2016-5195 James Pearson

Hi Michael: I can confirm Martin's comment. I tested my software with r-devel (r74914) and it works, while with r-patched (r74914) it does not work (it hangs, as it did in R 3.5.0). I apologize for it taking so long for me to test this, but is there any chance this fix could make into R 3.5.1? Thanks. Jen. On Wed, Jun 13, 2018 at 6:24 AM, Michael Lawrence <lawrence.michael at gene.com

My CDR is displaying wildly inaccurate results. When I make a call the CDR records the time between connecting into the server and hanging up, instead of recording the time between dialling from the server to the PSTN destination via VOIP termination. It is alright to log the duration of the connection to the server, but why it does not log calls for termination via voip provider is the main

How does the latest Intel flaw relate to CentOS 6.x systems that run under VirtualBox hosted on Windows 7 computers? Given the virtual machine degree of separation from the hardware, can this issue actually be detected and exploited in the operating systems that run virtually?? If there is a slow down associated with the fix, how much might it impact the virtual systems?

Hi: I have also just stumbled into this bug. Unfortunately, I can not change the data my program receives from stdin. My code runs in a larger system and stdin is sent to a Docker container running my R code. The protocol is I read a line, readLines("stdin", n=1), do some actions, send output on stdout, and wait for the next set of data. I don't have control over this protocol, so

Heketi v5.0.1 is now available. This release[1] fixes a flaw that was found in heketi API that permits issuing of OS commands through specially crafted requests, possibly leading to escalation of privileges. More details can be obtained at CVE-2017-15103. [2] If authentication is turned "on" in heketi configuration, the flaw can be exploited only by those who possess authentication

Has anyone had any problems building on SuSE SLES 8 for s390 with all patches applied... After applying patches to my build server last night, building samba fails with the following... mycomp:/srv/build/samba-3.0.2a/source # make Using FLAGS = -O -I./popt -Iinclude -I/srv/build/samba-3.0.2a/source/include -I /srv/build/samba-3.0.2a/source/ubiqx -I/srv/build/samba-3.0.2a/source/smbwrapper -I.