[Forward: CERT Advisory CA-2002-21 Vulnerability in PHP]

2002-07-23 Thread Alvise Belotti
Does anyone know if this affects Debian Woody (php4 4.1.2-4) too? Tnx - Forwarded message from CERT Advisory cert-advisory@cert.org - Date: Mon, 22 Jul 2002 19:09:01 -0400 (EDT) From: CERT Advisory cert-advisory@cert.org To: cert-advisory@cert.org Organization: CERT(R) Coordination Center

Re: [Forward: CERT Advisory CA-2002-21 Vulnerability in PHP]

2002-07-23 Thread David Bell
Evidently not -- Read down that message a bit: Debian Debian GNU/Linux stable aka 3.0 is not vulnerable. Debian GNU/Linux testing is not vulnerable. Debian GNU/Linux unstable is vulnerable. The problem affects PHP versions 4.2.0 and 4.2.1. Woody ships

Re: [Forward: CERT Advisory CA-2002-21 Vulnerability in PHP]

2002-07-23 Thread Daniel Sloan
As stated in the Appendix A of the full advisory, Debian stable and testing are not vulnerable. This is because they are still using PHP 4.1.x (the exploit only affects PHP 4.2.0 and 4.2.1). Debian unstable (i.e. sid) is vulnerable, as it uses PHP 4.2.1, and from what I can see as of this

SMTP problem.

2002-07-23 Thread Lars Roland Kristiansen
Hi debian security geeks. I have a woody box running as a mail gateway with postfix (popbeforesmtp and local relay for 192.168.2.1) and pop3 (soon to be imap just need outlook 2002 in the company as it supports multiple imap and pop3 accounts). My problem is that my log seem to be running full of

Re: SMTP problem.

2002-07-23 Thread Vineet Kumar
* Lars Roland Kristiansen ([EMAIL PROTECTED]) [020723 00:37]: Hi debian security geeks. I have a woody box running as a mail gateway with postfix (popbeforesmtp and local relay for 192.168.2.1) and pop3 (soon to be imap just need outlook 2002 in the company as it supports multiple imap and

unsubscribe

2002-07-23 Thread Hayden
-- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: SMTP problem.

2002-07-23 Thread Lars Roland Kristiansen
On Tue, 23 Jul 2002, Vineet Kumar wrote: * Lars Roland Kristiansen ([EMAIL PROTECTED]) [020723 00:37]: Hi debian security geeks. I have a woody box running as a mail gateway with postfix (popbeforesmtp and local relay for 192.168.2.1) and pop3 (soon to be imap just need outlook 2002

Re: SMTP problem.

2002-07-23 Thread Tomasz Papszun
On Tue, 23 Jul 2002 at 10:11:31 +0200, Lars Roland Kristiansen wrote: On Tue, 23 Jul 2002, Vineet Kumar wrote: [...] This doesn't look particularly harmful, but if it is the unknown part that is scaring you, try adding an entry for 192.168.2.1 in /etc/hosts. Other than that, it just looks

Re: SMTP problem.

2002-07-23 Thread Lars Roland Kristiansen
Yep this is it - thanks On Tue, 23 Jul 2002, Tomasz Papszun wrote: If I understand you correctly, you wonder what goes on when this host connects and later disconnects _without_ sending anything. You can have more details in log about this host's activity if you add to main.cf:

Can you direct kernel messages?

2002-07-23 Thread Dale Amon
Dumb question time. Does anyone know a way to limit kernel messages to one vt? This gets to be particularly annoying if you go overboard with grsecurity audit messages :-)

Re: Can you direct kernel messages?

2002-07-23 Thread Alan James
On Tue, 23 Jul 2002 11:47:53 +0100, Dale Amon [EMAIL PROTECTED] wrote: Dumb question time. Does anyone know a way to limit kernel messages to one vt? This gets to be particularly annoying if you go overboard with grsecurity audit messages :-) At the end of /etc/syslog.conf I've changed :

Re: Can you direct kernel messages?

2002-07-23 Thread Dale Amon
On Tue, Jul 23, 2002 at 11:50:52AM +0100, Alan James wrote: On Tue, 23 Jul 2002 11:47:53 +0100, Dale Amon [EMAIL PROTECTED] wrote: Dumb question time. Does anyone know a way to limit kernel messages to one vt? This gets to be particularly annoying if you go overboard with grsecurity

Re[2]: Can you direct kernel messages?

2002-07-23 Thread Алексей А. Спицын (Aleksey A. Spitsin)
Hello Alan, Tuesday, July 23, 2002, 4:50:52 PM, you wrote: AJ On Tue, 23 Jul 2002 11:47:53 +0100, Dale Amon [EMAIL PROTECTED] wrote: Dumb question time. Does anyone know a way to limit kernel messages to one vt? This gets to be particularly annoying if you go overboard with grsecurity audit

Re: Can you direct kernel messages?

2002-07-23 Thread Jean Christophe ANDRÉ
Dale Amon wrote: Doesn't seem to shut it up. I'm running syslog-ng and I commented out the console destination and am using only a line that logs to vt8. But despite that, even if I kill syslog-ng entirely, I still get grsec and iptables messages on all vt's. There is also direct console

Re: [mailinglists] Re: Can you direct kernel messages?

2002-07-23 Thread Steinkrüger
No. I think it's the kernel-logger klogd. in /etc/init.d/klogd u will find a line looking like this: KLOGD= change it to: KLOGD=-c 4 that will give the option -c 4 to klogd and will turn off (hopefully) console logging. /etc/init.d/klogd restart of course. regards, philipp On Tue, 23 Jul

Re: Can you direct kernel messages?

2002-07-23 Thread Dale Amon
On Tue, Jul 23, 2002 at 06:13:46PM +0700, Jean Christophe ANDRÉ wrote: Dale Amon wrote: Doesn't seem to shut it up. I'm running syslog-ng and I commented out the console destination and am using only a line that logs to vt8. But despite that, even if I kill syslog-ng entirely, I still

Apache + PHP and user permissions

2002-07-23 Thread StarK
Hello, I'm helping someone to install a webserver, and we're trying to make it a little secure. It's a Woody with Apache 1.3.26 and PHP 4.1.2. For the users we have a ProFTPd with mod_sql (the users are in the database). Currently all the site are set to user www-data and when the user access

Re: Apache + PHP and user permissions

2002-07-23 Thread Ralf Dreibrodt
Hi, StarK wrote: What kind of security can I use to avoid this ? Can we chroot the PHP (Yes I know it's a strange sentence :) ? i know two useable solutions: 1. care about every service: use SuEXEC for CGIs, Safe Mode for PHP, a good directory and right structure. 2. chroot everything

Re: [d-security] Re: Apache + PHP and user permissions

2002-07-23 Thread Christian Hammers
On Tue, Jul 23, 2002 at 03:31:20PM +0200, Ralf Dreibrodt wrote: What kind of security can I use to avoid this ? Can we chroot the PHP (Yes I know it's a strange sentence :) ? 1. care about every service: use SuEXEC for CGIs, Safe Mode for PHP, a good directory and right structure. A

Re: backup user

2002-07-23 Thread Boris Daix
Sam Vilain [EMAIL PROTECTED] writes: Boris Daix [EMAIL PROTECTED] wrote: - Can I safely give an SSH key to my backup user without any passphrase so that it could be automated via cron ? You can use `ssh-keygen -f single_action_key' to create a key for remote execution of scripts.

Re: Can you direct kernel messages?

2002-07-23 Thread sen_ml
Hi, From: Dale Amon [EMAIL PROTECTED] Subject: Re: Can you direct kernel messages? Date: Tue, 23 Jul 2002 12:44:10 +0100 On Tue, Jul 23, 2002 at 06:13:46PM +0700, Jean Christophe ANDRÉ wrote: There is also direct console kernel logging. You can reduce by using dmesg (man dmesg = -n