phpsysinfo vulnerabilities

2003-04-30 Thread Drew Scott Daniels
http://www.securityfocus.com/bid lists two bugs in phpsysinfo. I'm unsure as to whether Debian is affected. Can someone else check and file a bug if necessary? Thanks Drew Daniels

Injectso to help with libc upgrades?

2003-04-30 Thread Drew Scott Daniels
http://packetstorm.linuxsecurity.com/filedesc/injectso-0.2.1.tar.html describes injectso, "a tool that can be used to inject shared libraries into running processes on Linux (x86/IA32 and Sparc)...". Maybe I misunderstand, but might it not be also possible to use this to inject replacements for sh

Re: [d-security] Re: mysql update for Woody?

2003-04-30 Thread Phillip Hofmeister
On Wed, 30 Apr 2003 at 09:43:39AM +0200, Christian Hammers wrote: > An easy fix that might go to woody: > debian/mysql-server.postinst: > if [ ! -e /var/lib/mysql/my.cnf ]; then > echo "# for security reasons" > /var/lib/mysql/my.cnf > fi Thanks for po

Re: Information in DSAs on necessary restarts due to library-security-updates

2003-04-30 Thread Javier Fernández-Sanguino Peña
On Wed, Apr 30, 2003 at 08:23:34AM +0200, Markus Amersdorfer wrote: > On Sat, 26 Apr 2003 16:30:23 +0200 > Javier Fernández-Sanguino Peña <[EMAIL PROTECTED]> wrote: > > Hi! > (...) > Nevertheless, I actually wanted to propose including information about > the overall situation into the security a

nfs and kerberos

2003-04-30 Thread Oliver Landsmann
Hi, I was wondering if someone is using nfs with kerberos authentication. Everything seems to be there: *) rpcsec_gss authentication is included in 2.5.58 *) a mount patch, exportfs patch and the gssd is available Did anyone build debian packages for the patched mount/exportfs and gssd? Is an

Re: [d-security] Re: mysql update for Woody?

2003-04-30 Thread Christian Hammers
Hello I Cc [EMAIL PROTECTED], maybe my mails really got forgotten. On Tue, Apr 29, 2003 at 08:35:24PM -0400, Carl Fink wrote: > > Where did you get the information that said mysql was vulnerable? > > Several places, for one: > > http://www.linuxsecurity.com/advisories/trustix_advisory-299

Re: is the security team overloaded?

2003-04-30 Thread Jean Christophe ANDRÉ
Michael Rowe wrote: > Have you even been reading this list? > "There are a large number of security issues discussed in the BTS. > http://qa.debian.org/bts-security.html lists almost all of > them. I'm looking at them and trying to create patches for some > and bring them to the

Re: is the security team overloaded?

2003-04-30 Thread Michael Rowe
Jean Christophe ANDRÉ said: > The security team could make a public announcement asking for community > help. The community (these of us who have free time) could help by Have you even been reading this list? "There are a large number of security issues discussed in the BTS. http://qa.de

Re: Information in DSAs on necessary restarts due to library-security-updates

2003-04-30 Thread Markus Amersdorfer
On Sat, 26 Apr 2003 16:30:23 +0200 Javier Fernández-Sanguino Peña <[EMAIL PROTECTED]> wrote: Hi! > > lsof +L1 prints every unlinked open file: > (..) > > you can use a check from the Tiger security tool to do > just this, it's called 'check_finddeleted' and will point you to the > processes (nor

is the security team overloaded?

2003-04-30 Thread Jean Christophe ANDRÉ
Hi everybody, I can see a lot of important security bugs which are still not resolved by now, and especially for Woody (current stable version => most important). I think mainly about the ptrace bug in the kernel, the pptp bug (I use to have it on firewalls) and now mysql (I have it on ev