buffer overflow in /bin/gzip?
in gzip.c the line:

    strcpy(nbuf,dir);

should maybe be replaced with:

    strncpy(nbuf, dir,sizeof(nbuf));

--
anders gjære
system engineer
+47 414 22 934
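A note on the replacement discussed above, as an added example that is not part of the original message or of gzip's source: `strncpy` with `sizeof(nbuf)` as the bound leaves `nbuf` unterminated when `dir` is at least as long as the buffer. The buffer size and the `copy_dir` helper are assumptions made for the demo.

```c
#include <stdio.h>
#include <string.h>

#define NBUF_SIZE 16  /* assumed size for the demo; not gzip's real buffer size */

/* Mirrors the replacement from the post: strncpy(nbuf, dir, sizeof(nbuf)).
 * Returns 1 if nbuf ends up NUL-terminated, 0 if it does not. */
int strncpy_terminates(const char *dir)
{
    char nbuf[NBUF_SIZE];
    memset(nbuf, 'X', sizeof(nbuf));      /* make missing termination visible */
    strncpy(nbuf, dir, sizeof(nbuf));
    return memchr(nbuf, '\0', sizeof(nbuf)) != NULL;
}

/* Hypothetical helper: bounded copy that always terminates and reports
 * over-long input. Returns 0 on success, -1 if dir does not fit. */
int copy_dir(char *nbuf, size_t nbuf_size, const char *dir)
{
    size_t len;
    if (nbuf_size == 0)
        return -1;
    len = strlen(dir);
    if (len >= nbuf_size) {
        nbuf[0] = '\0';   /* refuse rather than silently truncate a path */
        return -1;
    }
    memcpy(nbuf, dir, len + 1);           /* len + 1 copies the NUL as well */
    return 0;
}

int main(void)
{
    char nbuf[NBUF_SIZE];
    const char *short_dir = "/tmp/in";                      /* constructed input */
    const char *long_dir  = "/a/very/long/directory/name";  /* constructed input */

    printf("strncpy terminated (short): %d\n", strncpy_terminates(short_dir));
    printf("strncpy terminated (long):  %d\n", strncpy_terminates(long_dir));
    printf("copy_dir(short) = %d\n", copy_dir(nbuf, sizeof(nbuf), short_dir));
    printf("copy_dir(long)  = %d\n", copy_dir(nbuf, sizeof(nbuf), long_dir));
    return 0;
}
```

Any later `strlen`, `strcat` or `printf("%s")` on an unterminated `nbuf` reads past the array, so a bounded copy also has to guarantee termination or reject the input.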
RE: New IIS worm
LaBrea could maybe be interesting for someone:
http://hts.dshield.org/LaBrea/
It's for decreasing the spread of worms which try random IPs.

Regards,
anders

# -Original Message-
# From: Karl E. Jorgensen [mailto:[EMAIL PROTECTED]]
# Sent: 23. september 2001 18:19
# To: debian-security@lists.debian.org
# Subject: Re: New IIS worm
#
# On Sun, Sep 23, 2001 at 02:08:40PM +1000, Sam Couter wrote:
# > Karl E. Jorgensen <[EMAIL PROTECTED]> wrote:
# > > Doesn't this leave you open to DOS attacks? I'm thinking that source IP
# > > addresses are relatively easy to forge, and hence an attacker can forge
# > > a nimda attack and cause you to block off legitimate IP addresses -
# > > ie. your DNS server or default gateway...
# >
# > To forge a Nimda attack would require you to forge a TCP connection. That's
# > not easy, unless the attacker is on the network path to the forged address.
#
# Obvious, but true. I stand(/sit?) corrected.
#
# > --
# > Sam Couter | Internet Engineer | http://www.topic.com.au/
# > [EMAIL PROTECTED]| tSA Consulting |
# > OpenPGP key ID: DE89C75C, available on key servers
# > OpenPGP fingerprint: A46B 9BB5 3148 7BEA 1F05 5BD5 8530 03AE DE89 C75C
#
# --
# Karl E. Jørgensen
# [EMAIL PROTECTED]
# www.karl.jorgensen.com
# Today's fortune:
# We don't know who it was that discovered water, but we're pretty sure
# that it wasn't a fish.
# -- Marshall McLuhan
RE: Sudo and Chown?
Does sudo by default allow the sudo-user to run every program, or just the program you specify?

How will sudo work if you use the "time" command? Like "time vim /etc/passwd"

anders gjære
kvalito.no / concept.fr

-Original Message-
From: Michel Kaempf [mailto:[EMAIL PROTECTED]]
Sent: 13. juli 2001 10:45
To: debian-security@lists.debian.org
Subject: Re: Sudo and Chown?

On Thu, Jul 12, 2001, Ethan Benson wrote:
> i am not certain that would solve it entirely though, how are you
> restricting them to only chown files in a certain directory?

Just an idea.. does your sudoers file protect you from attacks like the
one below?

sudo chown /place/chown/is/allowed/../../../../bin/sh

--
MaXX

--
To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
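The path in the quoted question starts inside the permitted directory and leaves it through `..` components, so a check that only compares the leading part of the argument accepts it. An added example (not from the thread, and not sudo's own code): a C check that normalises the path before comparing it with the allowed directory. The function names are hypothetical, and the normalisation is lexical only, so symlinks are not resolved.

```c
#include <stdio.h>
#include <string.h>

/* Lexically normalise an absolute path: collapses "//", "." and "..".
 * Returns 0 on success, -1 if path is relative or does not fit in out. */
int normalize_path(const char *path, char *out, size_t out_size)
{
    size_t len = 0;
    if (path[0] != '/' || out_size < 2)
        return -1;
    while (*path) {
        const char *seg;
        size_t n;
        while (*path == '/') path++;
        seg = path;
        while (*path && *path != '/') path++;
        n = (size_t)(path - seg);
        if (n == 0 || (n == 1 && seg[0] == '.'))
            continue;
        if (n == 2 && seg[0] == '.' && seg[1] == '.') {
            while (len > 0 && out[--len] != '/')
                ;                       /* drop the last component */
            continue;
        }
        if (len + n + 2 > out_size)     /* '/' + segment + NUL */
            return -1;
        out[len++] = '/';
        memcpy(out + len, seg, n);
        len += n;
    }
    if (len == 0) out[len++] = '/';
    out[len] = '\0';
    return 0;
}

/* Returns 1 if path, once normalised, is base itself or lies below it. */
int is_inside(const char *base, const char *path)
{
    char nb[256], np[256];
    size_t blen;
    if (normalize_path(base, nb, sizeof nb) || normalize_path(path, np, sizeof np))
        return 0;
    blen = strlen(nb);
    if (blen == 1) return 1;            /* base is "/" */
    return strncmp(nb, np, blen) == 0 && (np[blen] == '/' || np[blen] == '\0');
}

int main(void)
{   /* path taken from the quoted message */
    printf("%d\n", is_inside("/place/chown/is/allowed",
                             "/place/chown/is/allowed/../../../../bin/sh"));
    return 0;
}
```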