[SECURITY] [DSA-196-1] New BIND packages fix several vulnerabilities

2002-11-14 Thread Daniel Jacobowitz
Debian Security Advisory DSA 196-1 [EMAIL PROTECTED] http://www.debian.org/security/ Daniel Jacobowitz November 14th, 2002

wrong permissions of /usr/bin/cdrecord

2002-11-14 Thread Torsten Werner
Hello, I became aware of bug #164283 that seems to me security related and -- even worse -- affects woody. I have not been able to exploit it easily (by burning /etc/shadow to a CD or something like that) but it really should be fixed IMHO. The attached patch should fix woody's package. Torsten

Re: unsubscribe

2002-11-14 Thread Marcel Weber
Instead of cursing do this here as noted in almost every mail closing! To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] RTFM Elvedin T wrote: | How long does it take to unsubscribe? I

recommendable security lists?

2002-11-14 Thread Michael Renzmann
Hi all. One question I think that is not very off topic: what mailing lists, besides bugtraq, would you recommend for someone who wants to keep track of current security problems? My interest is mainly in security issues with wireless LAN equipment (such as the two security holes in current

Re: spam

2002-11-14 Thread Michelle Konzack
Hello, At 11:26 11/11/02 -0800, Rich Rudnick wrote: I try to block on character sets: ie., ^Content-Type.*charset.*[gG][bB]2312 This catches quite a few spams I can't read. I do it too and it filters around 70% of all spam mail Michelle -- To UNSUBSCRIBE, email to [EMAIL

Re: I will not be a part of this list anymore

2002-11-14 Thread Michelle Konzack
What about reading the Mail-Headers or the Footer of each Message ??? List-Post: mailto:debian-security@lists.debian.org List-Help: mailto:debian-security-request@lists.debian.org?subject=help List-Subscribe: mailto:debian-security-request@lists.debian.org?subject=subscribe List-Unsubscribe:

Re: unsubscribe

2002-11-14 Thread Michelle Konzack
What about the mail-Headers ??? List-Post: mailto:debian-security@lists.debian.org List-Help: mailto:debian-security-request@lists.debian.org?subject=help List-Subscribe: mailto:debian-security-request@lists.debian.org?subject=subscribe List-Unsubscribe:

Re: Latest libpcap tcpdump sources from tcpdump.org contain a trojan

2002-11-14 Thread Bart-Jan Vrielink
On Wed, 2002-11-13 at 20:15, Lupe Christoph wrote: Please read http://www.hlug.org/modules.php?op=modloadname=Newsfile=articlesid=6mode=threadorder=0thold=0 Is Debian affected? If I read this (and the CERT advisory) correctly, the trojan only triggers at compile time, so I don't think

VPN question

2002-11-14 Thread Iñaki Martínez
Hi I must create a VPN between an external company and a server behind my firewall. Company---its_routerInternet---my_firewall-server Workers from this company ONLY MUST have access to the server in the VPN. Perhaps some of them must have access to internet only perhaps..

Re: VPN question

2002-11-14 Thread Lionel Elie Mamane
On Thu, Nov 14, 2002 at 12:43:48PM +0100, Iñaki Martínez wrote: I must create a VPN between an external company and a server behind my firewall. Company---its_routerInternet---my_firewall-server * How to implement this VPN??? I would use IPSEC, but there are other solutions:

libpam-ldap in stable

2002-11-14 Thread Kris Amy
has this bug/exploit been fixed for debian stable(woody)? http://neworder.box.sk/showme.php3?id=7314 -- Kris Amy System Administrator, UCB Australia +---+ | Email: [EMAIL PROTECTED] | | Phone: +61 411 202 258| | Msn: [EMAIL PROTECTED] | | ICQ: 38459156

Re: Latest libpcap tcpdump sources from tcpdump.org contain a trojan

2002-11-14 Thread Steve Suehring
You are correct insofar as it triggers at compile time for libpcap, the configure script to be exact. I grabbed a copy of the trojan'ed libpcap and compiled it in a sandbox machine. You can do a strings of the compiled libpcap.a and grep for 1963. Doing so yields these results:

Re: Latest libpcap tcpdump sources from tcpdump.org contain a trojan

2002-11-14 Thread Tim Haynes
Steve Suehring [EMAIL PROTECTED] writes: You are correct insofar as it triggers at compile time for libpcap, the configure script to be exact. I grabbed a copy of the trojan'ed libpcap and compiled it in a sandbox machine. You can do a strings of the compiled libpcap.a and grep for 1963.

Fwd: Apache Security Vulnerabilities on IRIX

2002-11-14 Thread Phillip Hofmeister
I assume we are aware of this? Apache has been having a lot of problems lately. ALMOST as bad as IIS... - Forwarded message from SGI Security Coordinator [EMAIL PROTECTED] - From: SGI Security Coordinator [EMAIL PROTECTED] Subject: Apache Security Vulnerabilities on IRIX To: [EMAIL

Beware of sid (today at least)

2002-11-14 Thread Dale Amon
Here's a warning for all who live on the wild side: Sid updates as of this moment in time have a dangerous problem. They are de-installing a lib right out from under dselect and apt. apt-config: error while loading shared libraries: libstdc++-libc6.2-2.so.3: cannot open shared object file: No

Re: Bind issues

2002-11-14 Thread Noah L. Meyerhans
On Thu, Nov 14, 2002 at 03:28:26PM +0800, Patrick Hsieh wrote: 1. apt-get source bind 2. wget the patch file from www.isc.org 3. apply the patch 4. dpkg-buildpackage 5. dpkg -i bind*.deb That will conceivably work *now*. However, news of the vulnerability was announced before the patches

Re: VPN question

2002-11-14 Thread Jeff
Iñaki Martínez, 2002-Nov-14 12:43 +0100: Hi I must create a VPN between an external company and a server behind my firewall. Company---its_routerInternet---my_firewall-server Workers from this company ONLY MUST have access to the server in the VPN. Perhaps some of

Re: Beware of sid (today at least)

2002-11-14 Thread Teun Vink
On Thu, 2002-11-14 at 16:53, Dale Amon wrote: Here's a warning for all who live on the wild side: Sid updates as of this moment in time have a dangerous problem. They are de-installing a lib right out from under dselect and apt. apt-config: error while loading shared libraries:

Re: Beware of sid (today at least)

2002-11-14 Thread Laurent Luyckx
A simple workaround (in case of) is to make a symlink to the other library... ln -s libstdc++libc6.2-2.so.3 libstdc++-libc6.2-2.so.3 (assuming that you're on /usr/lib) On Thu, 2002-11-14 at 16:53, Dale Amon wrote: Here's a warning for all who live on the wild side: Sid updates as of this

Re: VPN question

2002-11-14 Thread Maik M8acter backward
You can also try openvpn (http://openvpn.sourceforge.net/). On Thu, 14 Nov 2002 12:43:48 +0100 I [EMAIL PROTECTED] wrote: Hi I must create a VPN between an external company and a server behind my firewall. Company---its_routerInternet---my_firewall-server Workers

Trojan Found in libpcap and tcpdump

2002-11-14 Thread Domonkos Czinke
FYI Members of The Houston Linux Users Group discovered that the newest sources of libpcap and tcpdump available from tcpdump.org were contaminated with trojan code. HLUG has notified the maintainers of tcpdump.org. Details: The trojan contains modifications to the configure script and

AIDE output after unclean shutdown

2002-11-14 Thread Kjetil Kjernsmo
Hi folks! I'm wondering if you can offer me some advice like you so kindly have a couple of times in the past. This morning, my cocoon2 installation took off unexpectedly, exhausting all the resources of the box (which isn't too big...). I could connect to all the open ports, but nothing

Re: AIDE output after unclean shutdown

2002-11-14 Thread Phillip Hofmeister
On Thu, 14 Nov 2002 at 09:26:10PM +0100, Kjetil Kjernsmo wrote: File: /lib/modules/2.4.19/modules.dep Mtime: 2002-11-04 21:16:56 , 2002-11-14 15:18:29 Ctime: 2002-11-04 21:16:56 , 2002-11-14 15:18:29 These module files usually get re-written with every

Re: Fwd: Apache Security Vulnerabilities on IRIX

2002-11-14 Thread Peter Cordes
On Thu, Nov 14, 2002 at 10:41:12AM -0500, Phillip Hofmeister wrote: Apache has been having a lot of problems lately. ALMOST as bad as IIS... [useful part of message removed :] My impression is that most of the problems found these days are cross-site scripting, or at the worst, local

Re: [SECURITY] [DSA 195-1] New Apache-Perl packages fix several vulnerabilities

2002-11-14 Thread Rick Moen
Quoting Raymond Wood ([EMAIL PROTECTED]): The question is obviously an unpopular one :) Well, I think it got old. Moreover, and more to the point, FAQed. Even though Sid is officially not supported by the security team, still 99 times out of a hundred, a patch or new version will appear in

Re: Bind issues

2002-11-14 Thread Noah L. Meyerhans
On Wed, Nov 13, 2002 at 11:45:19PM -0500, Mike Dresser wrote: Any word from the security team on what's going on with potato's bind? Both potato and woody are vulnerable. Fixes are on their way, but disclosure of this vulnerability was very badly organized (not by the security team), and the

Snort alert log

2002-11-14 Thread Kristof Goossens
Hello, This morning I've read the following in my snort.alert log: [**] [116:46:1] (snort_decoder) WARNING: TCP Data Offset is less than 5! [**] 11/13-21:21:31.736604 200.207.87.24:0 - 80.84.232.115:0 TCP TTL:117 TOS:0x0 ID:19244 IpLen:20 DgmLen:40 ***F Seq: 0x3A6D74 Ack: 0x110 Win:

Re: Bind issues

2002-11-14 Thread Patrick Hsieh
On Thursday 14 November 2002 14:24, Noah L. Meyerhans wrote: On Wed, Nov 13, 2002 at 11:45:19PM -0500, Mike Dresser wrote: Any word from the security team on what's going on with potato's bind? Both potato and woody are vulnerable. Fixes are on their way, but disclosure of this

Re: I will not be a part of this list anymore

2002-11-14 Thread Michelle Konzack
What about reading the Mail-Headers or the Footer of each Message ??? List-Post: mailto:debian-security@lists.debian.org List-Help: mailto:[EMAIL PROTECTED] List-Subscribe: mailto:[EMAIL PROTECTED] List-Unsubscribe: mailto:[EMAIL PROTECTED] At 17:42 10/11/02 +0100, Maria Larsson wrote:

Re: unsubscribe

2002-11-14 Thread Michelle Konzack
What about the mail-Headers ??? List-Post: mailto:debian-security@lists.debian.org List-Help: mailto:[EMAIL PROTECTED] List-Subscribe: mailto:[EMAIL PROTECTED] List-Unsubscribe: mailto:[EMAIL PROTECTED] Precedence: list At 20:13 12/11/02 +0100, Ali MECHIRI wrote: Attachment Converted:
