I heard there is a security bug in cvs 1.11.1 and 1.11.1pl1.
http://mail.gnu.org/pipermail/info-cvs/2002-February/024475.html
I try to check potato's cvs, but it seems to me that there is no such
bug. Did anyone try it?
--
NOKUBI Takatsugu
E-mail: [EMAIL PROTECTED]
[EMAIL PROTECTED] /
On Wed, 13 Feb 2002, Alain Tesio wrote:
I'm writing a script to chroot services automatically,
I've tested it with bind9, here is the log and the
files I have in the jail, it looks to work.
Looking at the log, I see that your script copies /etc/ld.so.cache to the
chroot jail: this is wrong,
unsubscribe
__
Do You Yahoo!?
Send FREE Valentine eCards with Yahoo! Greetings!
http://greetings.yahoo.com
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Greetings,
Yes, I would like to do that.
Any good tools you folks would recommand?
Cheers,
Cristian
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
On Thu, 2002-02-14 at 16:20, Cristian Ionescu-Idbohrn wrote:
Greetings,
Yes, I would like to do that.
Any good tools you folks would recommand?
Nmap from a dial-up connection... or login to some unix host and nmap from there...
Maniac
(Or... just throw your IP into the
Mark Janssen skrev:
On
Thu, 2002-02-14 at 16:20, Cristian Ionescu-Idbohrn wrote:
Greetings,
Yes, I would like to do that.
Any good tools you folks would recommand?
Nmap from a dial-up connection... or login to some unix host and nmap from
there...
Maniac
(Or... just throw your IP into the
Why don´t you install a telnet server on your machine to do this
job???
Mark Janssen
Not sure if this made to this list.
I haven't confirmed the following, but thought it was worth forwarding.
-xbud
-- Forwarded Message --
Subject: Exim 3.34 and lower (fwd)
Date: Wed, 13 Feb 2002 11:19:49 -0700 (MST)
From: Dave Ahmad [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Saw it yesterday and sure enough, it crashes my Exim with a segfault. I
run Exim on Debian 2.2 with no modifications.
-A. Dave
xbud wrote:
Not sure if this made to this list.
I haven't confirmed the following, but thought it was worth forwarding.
-xbud
-- Forwarded Message
On Thursday 14 February 2002 16:20, Cristian Ionescu-Idbohrn wrote:
Greetings,
Yes, I would like to do that.
Any good tools you folks would recommand?
Cheers,
Cristian
try http://scan.sygatetech.com its the most thorrough i know you can choose
between quick/stealth/udp/tcp etc. scans
On Wed, 2002-02-13 at 20:37, Jeff Bonner wrote:
I have not, knock on wood, had a box compromised in
any way, so I have no practical experience in that regard. Whether
that's the result of my security efforts, or just pure luck, who knows.
I've had to deal with boxes built and maintained by
hi ya
this question was just posted a week or two ago.
Greetings,
Yes, I would like to do that.
Any good tools you folks would recommand?
-- simple answer...
- apply all the rootkits against your firewalls/routers
- generally... in summary...
- what is your security
hi jeff
and for more (dozen or so ) scanners --
online or offline( needs/wants your email addy )
http://www.Linux-Sec.net/Audit/nmap.test.gwif.html
have fun
alvin
http://www.Linux-1U.net ... up to 5-NIC 1U firewalls
its nice that nmap says that port 25 is open for your mail server...
but
On 15 Feb 2002 05:20 PM, Alvin Oga wrote:
its nice that nmap says that port 25 is open for your mail server...
but ... i'd like it to tell me that sendmail/exim is vulnerable or not
( at least the latest/greatest version with latest/greatest buggs )
AFAIK, the SecuritySpace scanner is the
Hi,
all of you probably got the following mail:
From: Tim Haynes [EMAIL PROTECTED]
Date: Thu, 14 Feb 2002 21:02:45 + (GMT)
Subject: Re: root's home world readable (part 24 of 24)
Message-Id: [EMAIL PROTECTED]
With the following content:
Unusual System Events
=-=-=-=-=-=-=-=-=-=-=
Feb 1
Title: ¢¿¢½¡Ú "Çöó¿öµµ»ç" °¡¶ó»ç´ë...
Hello,
We have received your request to join the RealEstateAtCodwellBanker group
at Yahoo! Groups, home to free, easy-to-use email groups. To become a
member of the RealEstateAtCodwellBanker group, please confirm your
request by replying to this message.
If you did not request, or do not
On Mon, Jan 21, 2002 at 07:54:03PM +0100, eim wrote:
Hallo debian-sec folks,
While I was checking up some configurations,
I've noticed that the root's home directory /root
is world readable...
$ drwxr-xr-x2 root root 4.0k Jan 21 15:33 root
This seems to be Debian's
bash-2.05$ uname -a
OpenBSD www 3.0 GENERIC#27 sparc64
drwx-- 3 root wheel 512 Jan 24 22:19 root
Sean
On Thursday 14 February 2002 13:49, Jacques Lav!gnotte hammered on some keys:
On Mon, Jan 21, 2002 at 07:54:03PM +0100, eim wrote:
Hallo debian-sec folks,
While I was
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
maybe this can help:
install rcconf, a tool for selecting which scripts from /etc/init.d are going
to run at boot time and deselect inetd;
it will be disabled, but still on your hard disk
you asked for a circumvention of the problem, not for a
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Stefan Srdic [EMAIL PROTECTED] writes:
On Wed 13 Feb 02 19:14, Howland, Curtis wrote:
Would simply commenting out all the lines in inetd.conf be sufficient?
I realize that this is not the same as uninstalling, but it's not clear
what the
Hello,
In the description for libpam-heimdal it says: This module should only
be used for local logins unless you really know what you are doing. On
the other hand it is quite tempting to use it for IMAP servers etc, so
what are the issues? Is it that it is easy to make misstakes in
Arne Nordmark [EMAIL PROTECTED] writes:
Hello,
In the description for libpam-heimdal it says: This module should only
be used for local logins unless you really know what you are doing. On
the other hand it is quite tempting to use it for IMAP servers etc, so
what are the issues? Is it
Yes, clearly SSL, SSH or something similar must be used to encrypt the
communication, so the interesting question is whether there are other
issues.
Arne
Torbjorn Pettersson wrote:
Arne Nordmark [EMAIL PROTECTED] writes:
Hello,
In the description for libpam-heimdal it says: This
I heard there is a security bug in cvs 1.11.1 and 1.11.1pl1.
http://mail.gnu.org/pipermail/info-cvs/2002-February/024475.html
I try to check potato's cvs, but it seems to me that there is no such
bug. Did anyone try it?
--
NOKUBI Takatsugu
E-mail: [EMAIL PROTECTED]
[EMAIL PROTECTED] /
On Wed, 13 Feb 2002, Alain Tesio wrote:
I'm writing a script to chroot services automatically,
I've tested it with bind9, here is the log and the
files I have in the jail, it looks to work.
Looking at the log, I see that your script copies /etc/ld.so.cache to the
chroot jail: this is wrong,
unsubscribe
__
Do You Yahoo!?
Send FREE Valentine eCards with Yahoo! Greetings!
http://greetings.yahoo.com
On Wed, Feb 13, 2002 at 07:26:56PM +0100, Alain Tesio wrote:
Hi, I didn't look at your problem precisely,
I'm writing a script to chroot services automatically,
I've tested it with bind9, here is the log and the
files I have in the jail, it looks to work.
Hope this helps, I'll release the
On Wed, Feb 13, 2002 at 11:12:36PM +0100, Marcus Frings wrote:
Wednesday, February 13, 2002, 9:16:48 PM, Reagan Blundell wrote:
Feb 13 17:04:40 iridium named[1525]: none:0: open: /etc/bind/rndc.key: \
file not found
Its looking for the rndc.key file in /etc/bind/ which would be
Greetings,
Yes, I would like to do that.
Any good tools you folks would recommand?
Cheers,
Cristian
On Thu, 2002-02-14 at 16:20, Cristian Ionescu-Idbohrn wrote:
Greetings,
Yes, I would like to do that.
Any good tools you folks would recommand?
Nmap from a dial-up connection... or login to some unix host and nmap from there...
Maniac
(Or... just throw your IP into the
Mark Janssen skrev:
On
Thu, 2002-02-14 at 16:20, Cristian Ionescu-Idbohrn wrote:
Greetings,
Yes, I would like to do that.
Any good tools you folks would recommand?
Nmap from a dial-up connection... or login to some unix host and nmap from
there...
Maniac
(Or... just throw your IP into the
Why don´t you install a telnet server on your machine to do this
job???
Mark Janssen
Not sure if this made to this list.
I haven't confirmed the following, but thought it was worth forwarding.
-xbud
-- Forwarded Message --
Subject: Exim 3.34 and lower (fwd)
Date: Wed, 13 Feb 2002 11:19:49 -0700 (MST)
From: Dave Ahmad [EMAIL PROTECTED]
To:
On Wed, 2002-02-13 at 20:37, Jeff Bonner wrote:
I have not, knock on wood, had a box compromised in
any way, so I have no practical experience in that regard. Whether
that's the result of my security efforts, or just pure luck, who knows.
I've had to deal with boxes built and maintained by
hi ya
this question was just posted a week or two ago.
Greetings,
Yes, I would like to do that.
Any good tools you folks would recommand?
-- simple answer...
- apply all the rootkits against your firewalls/routers
- generally... in summary...
- what is your security policy...
Unusual System Events
=-=-=-=-=-=-=-=-=-=-=
Feb 1 04:58:15 sunbird uservd[19110]: call connected
Feb 1 04:58:15 sunbird uservd/check[19109]: uservd[535] is running
Feb 1 04:58:15 sunbird uservd[19110]: call connected
Feb 1 04:58:15 sunbird uservd/check[19109]: uservd[535] is running
From
On 15 Feb 2002 10:21 AM, Cristian Ionescu-Idbohrn wrote:
Any good tools you folks would recommand?
Ideally you'd get a shell somewhere and do it yourself with nmap or the
like (or use a dial-up on a separate machine nearby, same result), as
has already been suggested here -- it would be helpful
On Wed, Feb 13, 2002 at 09:39:02PM -0800, Ted Cabeen wrote:
You shouldn't use the update-rc.d script to remove init.d scripts. If you
do, when you upgrade the package, all of the scripts should be reinstalled.
Read the man page for update-rc.d for info on how to turn off a service and
ensure
hi jeff
and for more (dozen or so ) scanners --
online or offline( needs/wants your email addy )
http://www.Linux-Sec.net/Audit/nmap.test.gwif.html
have fun
alvin
http://www.Linux-1U.net ... up to 5-NIC 1U firewalls
its nice that nmap says that port 25 is open for your mail server...
but
On 15 Feb 2002 05:20 PM, Alvin Oga wrote:
its nice that nmap says that port 25 is open for your mail server...
but ... i'd like it to tell me that sendmail/exim is vulnerable or not
( at least the latest/greatest version with latest/greatest buggs )
AFAIK, the SecuritySpace scanner is the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Content-Type: text/plain; charset=us-ascii
In message [EMAIL PROTECTED], Petro writes:
On Wed, Feb 13, 2002 at 09:39:02PM -0800, Ted Cabeen wrote:
You shouldn't use the update-rc.d script to remove init.d scripts. If you
do, when you upgrade the
On Thu, Feb 14, 2002 at 10:11:48AM +0100, Arne Nordmark wrote:
In the description for libpam-heimdal it says: This module should only
be used for local logins unless you really know what you are doing. On
the other hand it is quite tempting to use it for IMAP servers etc, so
what are the
Hi,
all of you probably got the following mail:
From: Tim Haynes [EMAIL PROTECTED]
Date: Thu, 14 Feb 2002 21:02:45 + (GMT)
Subject: Re: root's home world readable (part 24 of 24)
Message-Id: [EMAIL PROTECTED]
With the following content:
Unusual System Events
=-=-=-=-=-=-=-=-=-=-=
Feb 1
Title: ♧♡★ "플라워도사" 가라사대...
--
Get your free email from www.linuxmail.org
Powered by Outblaze
46 matches
Mail list logo