Local / Remote Remote DoS Attack in Rover POP3 Server V1.1 NT From aVirt
USSR Advisory Code: USSR-99025
Release Date:
December 27, 1999 [1/5]
Systems Affected:
Rover POP3 Server V1.1 NT and possibly others versions.
About The Software:
Rover POP3 Server V1.1 NT From aVirt, is a full-featured
>> I should like to know why more apps don't require the *bsd
>> {proc,kern}fs interface.
Near as I can figure, it goes like this:
Nobody mounts them because nobody uses them.
Nobody uses them because they're never mounted.
> Under modern BSD4.4, the preferred method is using s
> Any ideas how to get rid of this problem? It is nasty. It is very
> nasty and makes strace unusable for anything security-sensitive.
Unfortunately, as long as the information is fetched from userland by
userland via ptrace, with an opportunity for it to change before the
kernel uses it, there
Bugtraq recently contained a description and discussion of 3 problems with
the Lotus Domino Server. The original posting is appended below.
The first one concerns overly verbose error messages that may provide
information that could be used in a topology attack against Lotus
Domino. I
!Hispahack Research Team
http://hispahack.ccc.de
Program: w3-msql (miniSQL 2.0.4.1 - 2.0.11)
Platform: *nix
Risk: Remote access
Author: Zhodiac <[EMAIL PROTECTED]>
Date: 24/12/1999
- Problem:
===
Distribution of miniSQL packet (http://hughes.com.au) comes with a cgi
(w3-m
Hi!
Non-root users can change the SPEED of shaped interface. I.e., usual user
can run "shapecfg speed shaper0 XXX" with success result. In my case
non-root user increases speed of shaped interface to my proxy server. Yep,
NO ANY suid's on `which shapecfg`. It's has 0755 permission.
All if this m
Ralf-P. Weinmann writes:
> However I'd like to point out that you could add call a routine to
> compute the MD5 or SHA-1 hash of the data copied with copy_from_user()
> in sys_init_module() and reject it if it doesn't match a precomputed
> value (which has to be securely stored somewhere in kernel
On Wed, 22 Dec 1999, Desi Hacker wrote:
> during the exploiting process.. the final step as instructed by the auther
> doesn't work
>
> ftp> get "--use-compress-program=sh blah".tar
> or
> ftp> get "--use-compress-program=sh blah".tar
>
> instead is gives a warning of permission denied!
> in case
On Fri, Dec 24, 1999 at 08:51:21AM +0200, Alexey Chetroi wrote:
> On Wed, 22 Dec 1999, David Malone wrote:
>
> > On Wed, Dec 22, 1999 at 04:47:25AM +, Desi Hacker wrote:
> >
> > The ftpaccess man page contains the following example line:
> >
> > path-filter anonymous /etc/pathmsg ^[-A-Za-
FYI
- Original Message -
From: "Microsoft Product Security Response Team" <[EMAIL PROTECTED]>
To: "'Matt'" <[EMAIL PROTECTED]>
Sent: Saturday, December 25, 1999 12:52 PM
Subject: RE: Re-release of Microsoft Security Bulletin MS99-046
> Hi Matt -
>
> Thanks for your note. I'm sorry, but
Hi!
When you see snippet from strace, that says:
open("/etc/passwd", O_RDONLY) = 3
Do you trust it? You should not.
Malicious program could open _any_ file on filesystem with this
syscall. Here is example of such malicious program:
void
main(void)
{
char *c = 0x9400;
open( "
WebWho+ - ADVISORY.
hhp-ADV#13
11/26/99 2:48:03am CST
By: loophole
[EMAIL PROTECTED] - http://hhp.perlx.com
What?: Hole in WebWho+, a whois cgi.
~
On Tue, 21 Dec 1999, Rob Jones wrote:
> with or without these double-quotes the message is immediately dropped
> on redhat linux with the message
Oops! Yes, apparently this problem affects all versions of Sendmail, but
only with .cf file left from 8.8.x or previous releases. In fact, obsolete
.c
FTPPro v.7.5
FTPPro stores credit card information in multiple locations, unprotected,
and in plain text.
The program consists of 2 files, FTPPro20.exe and FTPPro20.hlp. These
files do not require their directory to be in the working %PATH%
statement.
When the program initializes for the firs
Keith Owens <[EMAIL PROTECTED]> writes:
> On Tue, 21 Dec 1999 14:33:50 -0800,
> [EMAIL PROTECTED] wrote:
> >At boot, compile the list of modules that are 'known good' (for the sake
> >of argument, it's the /lib/modules/x.y.z), then write the list, with
> >MD5 checksums, to a write once /proc inte
On Tue, Dec 21, 1999 at 03:35:34PM -0500, Ajax wrote:
> An alternative solution would be to read such information from kernfs,
> usually (although optionally) mounted at /kern. kernfs is the *bsd
> equivalent to many of the files in linux's /proc. This would, of
> course, require the app to be r
// Yuri Kuzmenko, system administrator
// LIGA ONLINE - http://www.liga.kiev.ua
-- Forwarded message --
Date: Thu, 23 Dec 1999 19:49:11 +0200 (EET)
From: Yuri Kuzmenko <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: BUG? Non-root user can configure traffic shaper (2.2.13)
Hi!
17 matches
Mail list logo