Hi Cameron,
On 2005-11-11 10:23:56, Cameron L. Spitzer wrote:
> I think it's a major security bug for /tmp and /var/tmp
> to be mounted with exec privileges. It's a major security
/tmp does not need to be mounted with exec privileges.
You can execute from wherever you want.
You have a very lim
Ralph Crongeyer wrote:
Jochen Schulz <[EMAIL PROTECTED]> wrote:
Realos:
Mike McCarty wanted us to know:
http://www.securityfocus.com/brief/38?ref=rss
I have rpc.statd and portmap running on my system. Are they vulnerable
to this security hole/worm?
As I do not use nfs on my debian serv
Cameron L. Spitzer wrote:
> It's misleading to call these things "Linux worms."
Very true.
> I think it's a major security bug for /tmp and /var/tmp
> to be mounted with exec privileges.
Due to the design of ld.so, the noexec flag is no-op on Linux systems.
It's at most a minor speedbump to runn
[This message has also been posted to
linux.debian.user,comp.infosystems.www.servers.unix.]
In article <[EMAIL PROTECTED]>, Hugo Vanwoerkom wrote:
> Paul Johnson wrote:
>> Hugo Vanwoerkom wrote:
>>>Mike McCarty wrote:
>>>
http://www.securityfocus.com/brief/38?ref=rss
>>>
>>>How to detect wheth
Paul Johnson wrote:
Hugo Vanwoerkom wrote:
Mike McCarty wrote:
http://www.securityfocus.com/brief/38?ref=rss
How to detect whether infection has occurred?
Don't go overboard yet. Might want to read Steve Lamb's comment about this
just upthread.
Like Joey says, Debian Sarge with se
Hugo Vanwoerkom wrote:
> Mike McCarty wrote:
>> http://www.securityfocus.com/brief/38?ref=rss
>>
>>
>
> How to detect whether infection has occurred?
Don't go overboard yet. Might want to read Steve Lamb's comment about this
just upthread.
--
Paul Johnson
Email and Instant Messenger (Jabber
Hugo Vanwoerkom wrote:
> Mike McCarty wrote:
>
>> http://www.securityfocus.com/brief/38?ref=rss
>>
>>
>
> How to detect whether infection has occurred?
>
> H
>
>
I got the following log in my apache access.log which I'm concerned about:
208.234.0.44 - - [08/Nov/2005:10:01:03 -0500] "GET
/cgi
On Tue, 2005-11-08 at 20:50 +0100, Jochen Schulz wrote:
> Realos:
> > > Mike McCarty wanted us to know:
> >
> > >http://www.securityfocus.com/brief/38?ref=rss
> > >
> >
> > I have rpc.statd and portmap running on my system. Are they vulnerable
> > to this security hole/worm?
> >
> > As I do not
Mike McCarty wrote:
> http://www.securityfocus.com/brief/38?ref=rss
Ha. You can tell that the individual writing that article has an axe to
grind. At the end they cite 2 worms on Linux and states "its variants as an
indication that web-based worms that target Linux and Unix applications are
Ralph Crongeyer wrote:
Jochen Schulz <[EMAIL PROTECTED]> wrote:
Realos:
Mike McCarty wanted us to know:
http://www.securityfocus.com/brief/38?ref=rss
I have rpc.statd and portmap running on my system. Are they vulnerable
to this security hole/worm?
As I do not use nfs on my debian serv
Mike McCarty wrote:
http://www.securityfocus.com/brief/38?ref=rss
How to detect whether infection has occurred?
H
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Jochen Schulz <[EMAIL PROTECTED]> wrote:
>Realos:
>> > Mike McCarty wanted us to know:
>>
>> >http://www.securityfocus.com/brief/38?ref=rss
>> >
>>
>> I have rpc.statd and portmap running on my system. Are they vulnerable
>> to this security hole/worm?
>>
>> As I do not use nfs on my debian ser
Realos:
> > Mike McCarty wanted us to know:
>
> >http://www.securityfocus.com/brief/38?ref=rss
> >
>
> I have rpc.statd and portmap running on my system. Are they vulnerable
> to this security hole/worm?
>
> As I do not use nfs on my debian server, doesn't it make sense to
> disable both portmap
Looking at the Security focus
page: http://www.securityfocus.com/bid/14088/, it looks like only
systems running PHP versions up to 4.3.11 are affected. Which should
make testing not affected, as it's at version 4.4.0. But stable would
be because it's still at 4.3.10. Can anyone confirm this?
On
Realos wrote:
Mike McCarty wanted us to know:
http://www.securityfocus.com/brief/38?ref=rss
I have rpc.statd and portmap running on my system. Are they vulnerable
to this security hole/worm?
As I do not use nfs on my debian server, doesn't it make sense to
disable both portmap and rpc.st
Realos wrote:
> I have rpc.statd and portmap running on my system. Are they vulnerable
> to this security hole/worm?
No, that is not a php xml-rpc based service.
The holes this worm reportedly exploits were fixed in Debian when they
were discovered several months ago. If you've installed third pa
> Mike McCarty wanted us to know:
>http://www.securityfocus.com/brief/38?ref=rss
>
I have rpc.statd and portmap running on my system. Are they vulnerable
to this security hole/worm?
As I do not use nfs on my debian server, doesn't it make sense to
disable both portmap and rpc.statd on my system
http://www.securityfocus.com/brief/38?ref=rss