Does anyone know if this affects Debian Woody (php4
4.1.2-4) too?
Tnx
- Forwarded message from CERT Advisory -
Date: Mon, 22 Jul 2002 19:09:01 -0400 (EDT)
From: CERT Advisory
To: cert-advisory@cert.org
Organization: CERT(R) Coordination Center - +1 412-268-7090
Subject: CERT Advisory CA-
Evidently not -- Read down that message a bit:
Debian
Debian GNU/Linux stable aka 3.0 is not vulnerable.
Debian GNU/Linux testing is not vulnerable.
Debian GNU/Linux unstable is vulnerable.
The problem affects PHP versions 4.2.0 and 4.2.1. Woody ships
As stated in the Appendix A of the full advisory, Debian stable and
testing are not vulnerable.
This is because they are still using PHP 4.1.x (the exploit only affects
PHP 4.2.0 and 4.2.1).
Debian unstable (i.e. sid) is vulnerable, as it uses PHP 4.2.1, and from
what I can see as of this
post
Hi debian security geeks.
I have a woody box running as a mail gateway with postfix (popbeforesmtp
and local relay for 192.168.2.1) and pop3 (soon to be imap just need
outlook 2002 in the company as it supports multiple imap and pop3
accounts). My problem is that my log seems to be running full of
* Lars Roland Kristiansen ([EMAIL PROTECTED]) [020723 00:37]:
> Hi debian security geeks.
>
> I have a woody box running as a mail gateway with postfix (popbeforesmtp
> and local relay for 192.168.2.1) and pop3 (soon to be imap just need
> outlook 2002 in the company as it supports multiple imap a
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
On Tue, 23 Jul 2002, Vineet Kumar wrote:
> * Lars Roland Kristiansen ([EMAIL PROTECTED]) [020723 00:37]:
> > Hi debian security geeks.
> >
> > I have a woody box running as a mail gateway with postfix (popbeforesmtp
> > and local relay for 192.168.2.1) and pop3 (soon to be imap just need
> > outl
On Tue, 23 Jul 2002 at 10:11:31 +0200, Lars Roland Kristiansen wrote:
> On Tue, 23 Jul 2002, Vineet Kumar wrote:
> [...]
> > This doesn't look particularly harmful, but if it is the "unknown" part
> > that is scaring you, try adding an entry for 192.168.2.1 in /etc/hosts.
> > Other than that, it ju
Yep this is it - thanks
On Tue, 23 Jul 2002, Tomasz Papszun wrote:
> If I understand you correctly, you wonder what goes on when this host
> connects and later disconnects _without_ sending anything.
>
> You can have more details in log about this host's activity if you add to
> main.cf:
> debug_p
Dumb question time. Does anyone know a way to limit kernel
messages to one vt? This gets to be particularly
annoying if you go overboard with grsecurity audit messages :-)
On Tue, 23 Jul 2002 11:47:53 +0100, Dale Amon <[EMAIL PROTECTED]> wrote:
>Dumb question time. Does anyone know a way to limit kernel
>messages to one vt? This gets to be particularly
>annoying if you go overboard with grsecurity audit messages :-)
At the end of /etc/syslog.conf I've changed :
On Tue, Jul 23, 2002 at 11:50:52AM +0100, Alan James wrote:
> On Tue, 23 Jul 2002 11:47:53 +0100, Dale Amon <[EMAIL PROTECTED]> wrote:
>
> >Dumb question time. Does anyone know a way to limit kernel
> >messages to one vt? This gets to be particularly
> >annoying if you go overboard with grsecu
Hello Alan,
Tuesday, July 23, 2002, 4:50:52 PM, you wrote:
AJ> On Tue, 23 Jul 2002 11:47:53 +0100, Dale Amon <[EMAIL PROTECTED]> wrote:
>>Dumb question time. Does anyone know a way to limit kernel
>>messages to one vt? This gets to be particularly
>>annoying if you go overboard with grsecuri
Dale Amon wrote:
> Doesn't seem to shut it up. I'm running syslog-ng and I commented out the
> console destination and am using only a line that logs to vt8. But despite
> that, even if I kill syslog-ng entirely, I still get grsec and iptables
> messages on all vt's.
There is also direct cons
No. I think it's the kernel-logger klogd. In
/etc/init.d/klogd you will find a line looking like this:
KLOGD=""
change it to:
KLOGD="-c 4"
that will give the option "-c 4" to klogd and will turn off (hopefully)
console logging.
/etc/init.d/klogd restart of course.
regards,
philipp
On Tue, 23
On Tue, Jul 23, 2002 at 06:13:46PM +0700, Jean Christophe ANDRÉ wrote:
> Dale Amon wrote:
> > Doesn't seem to shut it up. I'm running syslog-ng and I commented out the
> > console destination and am using only a line that logs to vt8. But despite
> > that, even if I kill syslog-ng entirely, I
Hello,
I'm helping someone to install a webserver, and we're trying to make it
a little secure. It's a Woody with Apache 1.3.26 and PHP 4.1.2. For the
users we have a ProFTPd with mod_sql (the users are in the database).
Currently all the sites are set to user www-data and when the user access
wit
Hi,
StarK wrote:
>
> What kind of security can I use to avoid this ? Can we chroot the PHP
> (Yes I know it's a strange sentence :) ?
I know two usable solutions:
1. care about every service:
use SuEXEC for CGIs, Safe Mode for PHP, a good directory and right
structure.
2. chroot everything
j
On Tue, Jul 23, 2002 at 03:31:20PM +0200, Ralf Dreibrodt wrote:
> > What kind of security can I use to avoid this ? Can we chroot the PHP
> > (Yes I know it's a strange sentence :) ?
>
> 1. care about every service:
>
> use SuEXEC for CGIs, Safe Mode for PHP, a good directory and right
> structur
Sam Vilain <[EMAIL PROTECTED]> writes:
> Boris Daix <[EMAIL PROTECTED]> wrote:
>
>>- Can I safely give an SSH key to my backup user without any
>> passphrase so that it could be automated via cron ?
>
> You can use `ssh-keygen -f single_action_key' to create a key for remote
> execution
Hi,
From: Dale Amon <[EMAIL PROTECTED]>
Subject: Re: Can you direct kernel messages?
Date: Tue, 23 Jul 2002 12:44:10 +0100
> On Tue, Jul 23, 2002 at 06:13:46PM +0700, Jean Christophe ANDRÉ wrote:
> >
> > There is also direct console kernel logging.
> > You can reduce by using dmesg (man dmesg =>
21 matches