Dear users,
For a long time now I've been investigating problems relating FreeBSD ZFS
.zfs handling, and found that I am not enough to fix issues. Until fixes
arrive, unfortunately a regular user can DoS a FreeBSD system which has
ZFS filesystems with the attached script. While the script expe
Hi,
On Tue, Jan 14, 2014 at 08:11:08PM +, FreeBSD Security Advisories wrote:
>
> II. Problem Description
>
> The bsnmpd(8) daemon is prone to a stack-based buffer-overflow when it
> has received a specifically crafted GETBULK PDU request.
>
> III. Impact
>
> This issue could be exploited
As suggested, adding freebsd-security.
On 15 January 2014 21:45, Xin Li wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA512
>
> On 01/15/14 13:04, Ben Laurie wrote:
>> Have not read this yet, but someone at Real World Cryptography
>> pointed me at it. Sounded like a good idea.
>>
>> http:/
Hello Dag-Erling
On 14.01.2014 14:06, Dag-Erling Smørgrav wrote:
Cristiano Deana writes:
I tried several workaround with config and policy, and ended up you MUST
have 4.2.7 to stop these kind of attacks.
Doesn't "restrict noquery" block monlist in 4.2.6?
It does at least in 4.2.4p8 (runnin
Hello Dag-Erling
On 14.01.2014 14:11, Dag-Erling Smørgrav wrote:
Garrett Wollman writes:
For a "pure" client, I would suggest "restrict default ignore" ought
to be the norm. (Followed by entries to unrestrict localhost over v4
and v6.)
Pure clients shouldn't use ntpd(8). They should use sn
