-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hello All,
I can confirm that the ls strings dos' slackware 8.0. Causes shell process of
that user (user or root) to chew up the cpu until the shell terminates on sig
11.
Works on any shell the user is using, csh, ksh, bash
Tested on:
Linux 2.2.1
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hello All,
I can confirm that the ls strings dos' slackware 8.0. Causes shell process of that
user (user or root) to chew up the cpu until the shell terminates on sig 11.
Works on any shell the user is using, csh, ksh, bash
Tested on:
Linux 2.2.1
At 03:40 PM 3/29/2002, martin f krafft wrote:
ls */../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../*
...
DenyFilter \*.*/
Just as a quick question, why not deny the string "/../" (you may have to
deny the regex "/\.\./", depending how the filter in question works)?
As far a
At 03:40 PM 3/29/2002, martin f krafft wrote:
> ls */../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../*
...
> DenyFilter \*.*/
Just as a quick question, why not deny the string "/../" (you may have to
deny the regex "/\.\./", depending how the filter in question works)?
As far as
On Thu, Apr 04, 2002 at 01:06:26AM +0200, martin f krafft wrote:
> because it will prevent s.d.o from serving a buggy package. it's not
> fixed perfectly, but at least it's not subject to a known exploit.
Could you be a little more careful with your terms? A DOS is not an
exploit, it's a DOS. By s
On Thu, Apr 04, 2002 at 01:09:27AM +0200, martin f krafft wrote:
> this problem is understood by the developers of proftpd
Wichert said that nobody has explained why the current fix on s.d.o
doesn't work. If the problem is understood, why hasn't someone
explained this? That's all that is asked,
On Wed, Apr 03, 2002 at 02:43:10PM -0800, Petro wrote:
> On Wed, Apr 03, 2002 at 09:22:34AM +, Martin WHEELER wrote:
> > "Release early; release often."
>
> NO
>
> Measure twice, cut once.
i haven't really been following this thread, but i like analogies as
much as the next person,
also sprach Nathan E Norman <[EMAIL PROTECTED]> [2002.04.03.0732 +0200]:
> > well, i am calm, but i disagree. sure, it boils down to the question
> > who debian's audience are, but for all i am concerned, debian's
> > reputation _used_ to include "security", and the reason why i'd (as in
> > "would
also sprach Andrew Pimlott <[EMAIL PROTECTED]> [2002.04.03.1805 +0200]:
> On Wed, Apr 03, 2002 at 10:54:25AM -0500, Andrew Pimlott wrote:
> > I think Wichert's position
>
> ... reflects appropriate discipline, given the (relatively modest)
> severity of the problem.
i also have to agree with you
also sprach Andrew Pimlott <[EMAIL PROTECTED]> [2002.04.03.1754 +0200]:
> There are several good reasons:
>
> - If a band-aid fix is allowed, there is less incentive to find
> the correct fix.
true. doesn't mean that we have to fall into that hole.
> - If the problem isn't understood, th
On Wed, Apr 03, 2002 at 09:22:34AM +, Martin WHEELER wrote:
> "Release early; release often."
NO
Measure twice, cut once.
--
Share and Enjoy.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
On Wed, Apr 03, 2002 at 10:56:32AM +0900, Howland, Curtis wrote:
> I would bet that the vast majority of "flame wars" begin because someone
> mistakes "terse" or "concise" for hostility.
>
> The reverse, being the endless spewing of meaningless words, all the while
> saying nothing at all or eve
On Thu, Apr 04, 2002 at 01:06:26AM +0200, martin f krafft wrote:
> because it will prevent s.d.o from serving a buggy package. it's not
> fixed perfectly, but at least it's not subject to a known exploit.
Could you be a little more careful with your terms? A DOS is not an
exploit, it's a DOS. By
On Thu, Apr 04, 2002 at 01:09:27AM +0200, martin f krafft wrote:
> this problem is understood by the developers of proftpd
Wichert said that nobody has explained why the current fix on s.d.o
doesn't work. If the problem is understood, why hasn't someone
explained this? That's all that is asked,
On Wed, Apr 03, 2002 at 02:43:10PM -0800, Petro wrote:
> On Wed, Apr 03, 2002 at 09:22:34AM +, Martin WHEELER wrote:
> > "Release early; release often."
>
> NO
>
> Measure twice, cut once.
i haven't really been following this thread, but i like analogies as
much as the next person,
also sprach Nathan E Norman <[EMAIL PROTECTED]> [2002.04.03.0732 +0200]:
> > well, i am calm, but i disagree. sure, it boils down to the question
> > who debian's audience are, but for all i am concerned, debian's
> > reputation _used_ to include "security", and the reason why i'd (as in
> > "woul
also sprach Andrew Pimlott <[EMAIL PROTECTED]> [2002.04.03.1805 +0200]:
> On Wed, Apr 03, 2002 at 10:54:25AM -0500, Andrew Pimlott wrote:
> > I think Wichert's position
>
> ... reflects appropriate discipline, given the (relatively modest)
> severity of the problem.
i also have to agree with you
also sprach Andrew Pimlott <[EMAIL PROTECTED]> [2002.04.03.1754 +0200]:
> There are several good reasons:
>
> - If a band-aid fix is allowed, there is less incentive to find
> the correct fix.
true. doesn't mean that we have to fall into that hole.
> - If the problem isn't understood, t
On Wed, Apr 03, 2002 at 09:22:34AM +, Martin WHEELER wrote:
> "Release early; release often."
NO
Measure twice, cut once.
--
Share and Enjoy.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
On Wed, Apr 03, 2002 at 10:56:32AM +0900, Howland, Curtis wrote:
> I would bet that the vast majority of "flame wars" begin because someone mistakes
>"terse" or "concise" for hostility.
>
> The reverse, being the endless spewing of meaningless words, all the while saying
>nothing at all or even
On Wed, Apr 03, 2002 at 09:16:03AM +0200, Emmanuel Lacour wrote:
> > 'time' is RFC 868, a pre-NTP time synchronization protocol. It just
> > sends the time as a 32-bit int, where:
> >
> > "The time is the number of seconds since 00:00 (midnight) 1 January 1900
> > GMT, such that the time 1 is 12
Olaf Meeuwissen wrote:
> Basically, I'd like to keep the setup as closed as possible so I make
> a hole in /etc/dhclient-enter-hooks during the PREINIT stage to let
> the DHCPDISCOVER broadcast out (and a reply back in eventually, taking
> this one step at a time ;-). At least, that's what I thou
[ Followup to incomplete send. ]
On Wed, Apr 03, 2002 at 10:54:25AM -0500, Andrew Pimlott wrote:
> I think Wichert's position
... reflects appropriate discipline, given the (relatively modest)
severity of the problem.
Andrew
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "uns
On Wed, Apr 03, 2002 at 03:22:39AM +0200, martin f krafft wrote:
> but give me at least one argument why these acts cannot combine with
> a *temporary* fix uploaded to the so-called "security archives".
There are several good reasons:
- If a band-aid fix is allowed, there is less incentive to f
On Wed, Apr 03, 2002 at 09:16:03AM +0200, Emmanuel Lacour wrote:
> > 'time' is RFC 868, a pre-NTP time synchronization protocol. It just
> > sends the time as a 32-bit int, where:
> >
> > "The time is the number of seconds since 00:00 (midnight) 1 January 1900
> > GMT, such that the time 1 is 1
Olaf Meeuwissen wrote:
> Basically, I'd like to keep the setup as closed as possible so I make
> a hole in /etc/dhclient-enter-hooks during the PREINIT stage to let
> the DHCPDISCOVER broadcast out (and a reply back in eventually, taking
> this one step at a time ;-). At least, that's what I tho
[ Followup to incomplete send. ]
On Wed, Apr 03, 2002 at 10:54:25AM -0500, Andrew Pimlott wrote:
> I think Wichert's position
... reflects appropriate discipline, given the (relatively modest)
severity of the problem.
Andrew
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "un
On Wed, Apr 03, 2002 at 03:22:39AM +0200, martin f krafft wrote:
> but give me at least one argument why these acts cannot combine with
> a *temporary* fix uploaded to the so-called "security archives".
There are several good reasons:
- If a band-aid fix is allowed, there is less incentive to
"Release early; release often."
--
Martin Wheeler <[EMAIL PROTECTED]> gpg key 01269BEB @ the.earth.li
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Lupe Christoph <[EMAIL PROTECTED]> writes:
> On Wednesday, 2002-04-03 at 14:02:20 +0900, Olaf Meeuwissen wrote:
>
> > I am playing with packet filtering on a DHCP client and trying to get
> > it done the right way.
>
> The right way is to dispense w
On Wednesday, 2002-04-03 at 14:02:20 +0900, Olaf Meeuwissen wrote:
> I am playing with packet filtering on a DHCP client and trying to get
> it done the right way.
The right way is to dispense with DHCP. The protocol has no security
whatsoever. Read RFC2131, "7. Security Considerations" for detai
On Tue, Apr 02, 2002 at 11:49:53AM -0700, Will Aoki wrote:
> On Tue, Apr 02, 2002 at 10:23:21AM -0800, Anne Carasik wrote:
> > On Tue, Apr 02, 2002 at 07:45:21PM +0200, eim wrote:
> > > A question about some network services
> > > ==
> > >
> > > Hallo Debian fol
"Release early; release often."
--
Martin Wheeler <[EMAIL PROTECTED]> gpg key 01269BEB @ the.earth.li
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Lupe Christoph <[EMAIL PROTECTED]> writes:
> On Wednesday, 2002-04-03 at 14:02:20 +0900, Olaf Meeuwissen wrote:
>
> > I am playing with packet filtering on a DHCP client and trying to get
> > it done the right way.
>
> The right way is to dispense
On Wednesday, 2002-04-03 at 14:02:20 +0900, Olaf Meeuwissen wrote:
> I am playing with packet filtering on a DHCP client and trying to get
> it done the right way.
The right way is to dispense with DHCP. The protocol has no security
whatsoever. Read RFC2131, "7. Security Considerations" for deta
35 matches
Mail list logo