mail archive Security issues members-only posting
freebsd-security.freebsd.org
(List home) (Recent threads) (174 other FreeBSD lists)
Subscription Options
- RSS or Atom: Read-only subscription using a browser or aggregator. This is the recommended way if you don't need to send messages to the list. You can learn more about feed syndication and clients here.
- Conventional: All messages are delivered to your mail address, and you can reply. To subscribe, send an email to the list's subscribe address with "subscribe" in the subject line, or visit the list's homepage here.
- Low traffic list: less than 3 messages per day
- This list contains about 36,175 messages, beginning Feb 1995
- 0 messages added yesterday
Security issues members-only posting
July 1998 - page 1
(Dima Ruban) — 89927116501 Jul 1998
I've updated my patches for krb5-1.0.5 for FreeBSD. New: ftp://ftp.rdy.com/pub/krb5/krb5-1.0.5+freebsd.diff Old: ftp://ftp.rdy.com/pub/krb5/krb5-1...
Henryk Czapski — 89927238601 Jul 1998
unsubscribe freebsd-security Henryk Czapski To Unsubscribe: send mail to with "unsubscribe security" in the body of the message...
xlock (7 Replies)
Christoph Kukulies — 89927779601 Jul 1998*
Alarmed by recent buffer overflow attacks on Linux machines in my vicinity (an exploit for this is available) I thought about xlock under FreeBSD and ...
Igor Roshchin — 89933252401 Jul 1998
I've noticed that one more patch was changed on Jun 30, and the Makefile for the newer version (2.5) was made available today. Thanks for the quic...
(FWD) Qpopper 2.52 (1 Reply)
Igor Roshchin — 89935627902 Jul 1998*
X-Sender: Message-ID: <v04100e19b1c06ea89adf@[129.46.137.174]> Date: Wed, 1 Jul 1998 16:04:17 -0700 Reply-To: Laurence Lundblade Sender: Bugtraq...
ark — 89937593902 Jul 1998
nuqneH, Is there anything like that without involving portalfs, say, working on per-user basis? ;) _ _ _ _ _ _ _ {::} {::} {::} CU in Hell _| o ...
Re: bsd securelevel patch question (1 Reply)
(Andrew McNaughton) — 89945662203 Jul 1998*
Unless the server is restarted for some reason. hence the rapid cron job which will eventually succeed if not detected first.If the trojan gets to tel...
ipfw with ppp -alias setup (2 Replies)
Louie — 89953516104 Jul 1998*
I'm using userland ppp with packet aliasing to give a private address IP network (192.168.1.x on ed0) Internet access through a dialup ISP that as...
Re: ipfw with ppp -alias setup (1 Reply)
Louie — 89960536905 Jul 1998*
Yes, but I'm blocking 192.168.1.0/16 from coming in on the PPP side. Spoof prevention.> >01210 deny log ip from 172.16.0.0/12 to any in recv...
Numard (Norberto Meijome) — 89961146305 Jul 1998
PLEASE, CC DIRECTLY TO ME SINCE I'm NOT IN THIS LIST, THX! Hi! i've to install the des library to make apache 1.3 + frontpage extensions work....
Fernando P. Schapachnik — 89964781405 Jul 1998
This is a repost, I know. The reason is that the original message was completely ununderstandable due to my faulty keyboard and my faulty late night e...
Jay Tribick — 89965912905 Jul 1998*
Hi all.. I think we all need to look closely at the default-installed suid/sgid programs. Why, by default, does FreeBSD install uucp*? There's not...
Alex Povolotsky — 89975975506 Jul 1998
Hello! What can be on port 1028? I've found several attempts to connect to it... Alex....
Re: (FWD) Qpopper 2.52 (1 Reply)
Dave Hayes — 89979387807 Jul 1998*
Welp, 2.52 sig 11's a lot here too. Anyone figured this out yet?Freedom Knight of Usenet - (NEW!) http://www.jetcafe.org/~dave/usenet Wisdom (n.) ...
Re: (FWD) Qpopper 2.52 (1 Reply)
Dave Hayes — 89988898308 Jul 1998*
That, and take the -f optimizations out of the makefile. Those seem to have caused dbm_fetch() to SIGSEGV. :)Freedom Knight of Usenet - (NEW!) http://...
Archie Cobbs — 89991918008 Jul 1998
Does anyone recognize this attack? (I've changed the recipient IP address to "IPADDRESS" to protect the innocent :-) Thanks, -Archie...
Raul Zighelboim — 89992531108 Jul 1998
2 simultaneous traceroute routines ?To Unsubscribe: send mail to with "unsubscribe security" in the body of the message...
Marc Rassbach — 89993614108 Jul 1998
(and hopefully the last round!) Thanks to tips from Archie Cobbs at whistle.com I was able to almost get skip and natd on FreeBSD to work with NT 4.0 ...
Security Alert: Qualcomm POP Server (6 Replies)
Scot Elliott — 89995411309 Jul 1998*
Morning all. I caught someone last night with a root shell on our mail server. I traced it back to somewhere in the US, but unfortunately got locked o...
PGP 262 wont do 2048 bit keys. (2 Replies)
Open Systems Networking — 89995616709 Jul 1998*
For some reason I cannot for the life of me get PGP 262 out of ports to do 2048 bit keys. Now unless im dreaming doesnt pgp 262 do 2048 bit keys? I ke...
About popper bug (1 Reply)
Joao Paulo Caldas Campello — 90009196510 Jul 1998*
Hi all, The last days i've seen some messages about an exploitable bug in popper, but I couldn't locate the original message, certainly `cause...
a chroot() shell wrapper (1 Reply)
Aaron D. Gifford — 90012476611 Jul 1998*
Hello, I'm a relative newbie in coding for security, but I threw together a chroot() wrapper last night that is used as a user's shell. It chr...
Angelos D. Keromytis — 90012504711 Jul 1998
To: Subject: Re: chroot() Cc: Date: 07/10/98, 22:35:16 Keep in mind that it's trivial to escape from a root shell if you have root (or can do cert...
Joao Paulo Campello — 90021081612 Jul 1998
Hi all, I'm very glad of all the help I've received the last day about the qpopper bug... A lot of people sent me private and list emails expl...
RootRunner (admin GUI w/o security holes?) (6 Replies)
Jake Hamby — 90028097612 Jul 1998*
Hi all, I'm currently working on an administration GUI tool for FreeBSD, Linux, and Solaris. I've bitten off a rather large chunk of features ...
Re: DNS zone xfers from random(?) sites (1 Reply)
Hallam Oaks P/L list account — 90030183613 Jul 1998*
Hmmm ... this is interesting. Just a few days ago I saw this ... ipfw: 4110 Deny TCP 137.166.79.129:1852 139.130.xx.xxx:79 in via tun0 ipfw: 4110 Deny...
DNS zone xfers from random(?) sites (3 Replies)
Hallam Oaks P/L list account — 90031866213 Jul 1998*
G'Day all; I hope that asking this question doesn't reveal too much of my ignorance of DNS-related issues ;) I've been primary DNS for a f...
Hallam Oaks P/L list account — 90039775314 Jul 1998
[snip] >see what is 'on offer' and then change the default telnetd banner Fortunately I don't have telnet at all any more (SSH only) so...
Question... (6 Replies)
Alexander Kandelaki — 90040744714 Jul 1998*
Hi all! Once I run netstat and received : tcp 0 0 access.pop3 ppp170-tc3.1658 TIME_WAIT tcp 0 87 access.smtp egeo.unipg.it.4930 ESTABLISHED tcp 0 169 ...
RE: Large-scale scan of SNMP ports (1 Reply)
Espen Torseth — 90042318614 Jul 1998*
There is the possibility that someone has started "auto-discovery" in HP-OpenView, CA UniCenter, etc. and given the wrong net-adress/subnet-...
Max Euston — 90042327114 Jul 1998
[snip] > > Yesterday I detected what appears to be a large-scale scan of the 203.36the [snip] I concur. I regularly get these scans. I am almost...
Erik — 90044326914 Jul 1998
To Unsubscribe: send mail to with "unsubscribe security" in the body of the message...
Hallam Oaks P/L list account — 90047498115 Jul 1998
By default, I deny everything via IPFW. The only stuff I allow is the few services I want to expose. The rules that get the most hits (such as accesse...
Large-scale scan of SNMP ports (2 Replies)
Hallam Oaks P/L list account — 90047769015 Jul 1998*
Yesterday I detected what appears to be a large-scale scan of the 203.36 and 203.29 networks, coming from what appears to be a host connected to a loc...
Robert Watson — 90054695515 Jul 1998
This is the release announcement for ktokens-0.2, now available for download from http://www.watson.org/fbsd-hardening/tokens/ Announcements of future...
Jan B. Koum — 90063860617 Jul 1998
First pop. Now imap. -- Yan Jan Koum | "Turn up the lights; I don't want www.FreeBSD.org -- The Power to Serve | to go home in the ...
Allen Smith — 90064470117 Jul 1998
> echo "v nz gelvat gb unpx ebbg" | tr a-z n-za-m | mail root@hostname Correction: echo "w oz gelwau gb uowa ebbg" ...
Manar Hussain — 90069328117 Jul 1998
We'd certainly be interested in seeing ruleset ideas/snippets ... seem's silly to re-invent the wheel 100 times or miss out on good ideas ... ...
EMERGENCY: new remote root exploit in UW imapd (7 Replies)
Anonymous — 90071883717 Jul 1998*
INTRODUCTION On July 10, 1998 a message was posted to the University of Washington Pine mailing lists about a security problem in the UW imapd server ...
Hallam Oaks P/L list account — 90080424918 Jul 1998*
Ok, here it is. The following script is based on the 'simple' section of rc.firewall in the standard distribution. it makes the following assu...
Alexandre Snarskii — 90080656919 Jul 1998
"I do not believe the code". Theo deRaadt, in some bugtrack posting Hi! That is just to notify subscribers of freebsd-security that old[*] i...
Re: Large-scale scan of SNMP ports (7 Replies)
Hallam Oaks P/L list account — 90088345019 Jul 1998*
Two persons privately expressed interest in a copy of the rc.firewall script that I used (which picked up the scan). It's not anything overly grea...
Brett Glass — 90088672519 Jul 1998
It should stop most of them. I could imagine a situation where one subverted a program by changing its data (for example, one could force commands int...
cryptographically secure logging (2 Replies)
Julian Assange — 90092051520 Jul 1998*
"Cryptographic Support for Secure Logs on Untrusted Machines" B. Schneier and J. Kelsey, The Seventh USENIX Security Symposium Proceedings, ...
unwanted packets in secure mode? (1 Reply)
Jan B. Koum — 90097763120 Jul 1998*
Message from syslogd@0wn at Tue Jul 21 10:52:35 1998 ... 0wn syslogd: discarded 2 unwanted packets in secure mode Message from syslogd@0wn at Tue Jul ...
Peter Jeremy — 90100647221 Jul 1998
And just moving to Modula-3, Ada, APL, Lisp, Scheme, Smalltalk or your personal language-du-jour doesn't automatically fix the problem. The first ...
Peter Jeremy — 90101281821 Jul 1998
I have used this code in the past, and that sounds about right.Note that this code is getting fairly old and doesn't appear to be maintained. I am...
FreeBSD ipfw Configuration Page (2 Replies)
Phil Gilley — 90101375721 Jul 1998*
It seems that every time someone mentions an ipfw rule set they've developed there are several "can you send me a copy" followups. This ...
Jay Tribick — 90101461521 Jul 1998
If anyone's interested I found the GCC Bounds Checking page: http://www-dse.doc.ic.ac.uk/~rj3/bounds-check... Regards, Jay Tribick [| Network...
/usr/sbin/named (10 Replies)
Steve Reid — 90102445421 Jul 1998*
Is /usr/sbin/named as distributed with FreeBSD 2.2.6-RELEASE vulnerable to known exploits? Strings shows the version as 4.9.6-REL and a recent Bugtraq...