Re: apache security issue (with upstream new release)

2003-11-01 Thread roman
On Fri, Oct 31, 2003 at 06:06:15PM +0100, Roman Medina wrote: My opinion is that if a security bug is discovered it should be fixed ASAP. It's really simple. The argument: We believe that there is no security update required because intentionally exploiting this vulnerability requires access

Re: apache security issue (with upstream new release)

2003-11-01 Thread roman
Oops, my apologies. You're completely right. I meant remote access with apache user rights. -R On Saturday, 2003-11-01 at 11:03:16 +0100, [EMAIL PROTECTED] wrote: - the bug is quite serious (local root, at minimum) I wonder how a user would obtain root privileges by overrunning an Apache

How to get 100% secure debian system?

2023-01-22 Thread Roman
Hello. I'm a Windows 10 user. Unfortunately, I've used a lot of cracked programs in the past. I want to switch to debian and use only legal software. I want to write debian netinst to a flash drive. Is it possible that the distribution on the flash drive will be hacked through a Trojan or the

Fwd: How to get 100% secure debian system?

2023-01-22 Thread Roman
-- Forwarded message - From: Roman Date: Sun, 22 Jan 2023, 19:47 Subject: How to get 100% secure debian system? To: Hello. I'm a Windows 10 user. Unfortunately, I've used a lot of cracked programs in the past. I want to switch to debian and use only legal software. I want

Re: apache security issue (with upstream new release)

2003-10-31 Thread Roman Medina
vector for the *same* bug? Should we wait for this event to occur? Not really a good idea... Regards, --Roman -- PGP Fingerprint: 09BB EFCD 21ED 4E79 25FB 29E1 E47F 8A7D EAD5 6742 [Key ID: 0xEAD56742. Available at KeyServ] On Thu, 30 Oct 2003 14:04:35 -0500, you wrote: On Thu, Oct 30, 2003 at 07

Chrooted apache package for Debian?

2004-01-09 Thread Roman Medina
Is there any official or non-official .deb package with a chrooted apache distro? Any related project? Thanks. Saludos, --Roman -- PGP Fingerprint: 09BB EFCD 21ED 4E79 25FB 29E1 E47F 8A7D EAD5 6742 [Key ID: 0xEAD56742. Available at KeyServ]

Unidentified subject!

2000-07-05 Thread Meisinger Roman
unsubscribe [EMAIL PROTECTED] Roman Meisinger Siemens AG ICN M TD15 Tel: 44247 E:Mail: [EMAIL PROTECTED]

Re: apache security issue (with upstream new release)

2003-10-30 Thread Roman Medina
probably have reasons to be scared... or not? Saludos, --Roman -- PGP Fingerprint: 09BB EFCD 21ED 4E79 25FB 29E1 E47F 8A7D EAD5 6742 [Key ID: 0xEAD56742. Available at KeyServ]

Re: Allow password auth for one user with sftp?

2007-01-14 Thread Roman Pertl
authentication directives like x-forwarding. from the man-page of sshd_config: Available keywords are AllowTcpForwarding, ForceCommand, GatewayPorts, PermitOpen, X11DisplayOffset, X11Forwarding, and X11UseLocalHost hth, roman

RE: [sb] [SECURITY] [DSA 2532-1] libapache2-mod-rpaf security update

2012-08-24 Thread Roman Zhovtulya
-Original Message- From: Thijs Kinkhorst th...@debian.org Sent: Wednesday, August 22, 2012 12:57 PM To: debian-security-annou...@lists.debian.org Subject: [sb] [SECURITY] [DSA 2532-1] libapache2-mod-rpaf security update -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 -

AUTOMATIC: Roman Beitl is out of the office (return 26.08.2013)

2013-08-18 Thread Roman Beitl
I am out of the office until 26.08.2013. From 12.8. to 23.8.2013 I am on vacation and out of the office. In urgent cases, contact me at tel. no. 605 802 892. Best regards, Roman Beitl Note: This is an automatic reply to your message [SECURITY] [DSA 2738-1] ruby1.9.1 security update

Re: FWD: Squirrelmail XSS + SQL security bug?

2004-07-29 Thread Roman Medina-Heigl Hernandez
and sooner or later the announcement will disappear (and you're mixing news of different nature with security stuff). This was (and is) my standpoint. Saludos, --Roman -- PGP Fingerprint: 09BB EFCD 21ED 4E79 25FB 29E1 E47F 8A7D EAD5 6742 [Key ID: 0xEAD56742. Available at KeyServ]

Re: large campus network ... sugestions

2007-12-14 Thread Roman Medina-Heigl Hernandez
connection. I don't know of any solution (level 7 filtering, etc) able to defeat this kind of tricks. -- Saludos, -Roman PGP Fingerprint: 09BB EFCD 21ED 4E79 25FB 29E1 E47F 8A7D EAD5 6742 [Key ID: 0xEAD56742. Available at KeyServ]

Re: large campus network ... sugestions

2007-12-14 Thread Roman Medina-Heigl Hernandez
check Application Layer Packet Classifier for Linux: http://l7-filter.sourceforge.net/ Kernel Iptables Layer 7: http://l7-filter.sourceforge.net/HOWTO-kernel On Dec 14, 2007 6:53 PM, Roman Medina-Heigl Hernandez [EMAIL PROTECTED] wrote: Willi Mann wrote: If you want

Re: large campus network ... sugestions

2007-12-15 Thread Roman Medina-Heigl Hernandez
How does Bluecoat deal with the fact that HTTPS connections are secured point-to-point? If Bluecoat (or whatever) does some kind of MITM, client browser would detect it and HTTPS would be broken. I still don't get the point... Cheers, -Roman Jonas Andradas wrote: Hello Roman, Thanks

Mod-security status in Lenny / New bug...

2009-03-20 Thread Roman Medina-Heigl Hernandez
Hello, Have you seen this? http://seclists.org/bugtraq/2009/Mar/0187.html I'm wondering: 1) Is Alberto going to release updated (non-official) packages? (http://etc.inittab.org/~agi/debian/libapache-mod-security2) 2) When will mod-security be re-incorporated to Debian? ETA? I think license issues

Squirrelmail vuln

2018-03-21 Thread Roman Medina-Heigl Hernandez
Hi, Someone working on a fixed .deb for this? http://www.openwall.com/lists/oss-security/2018/03/17/2 -- Saludos, -Román

Re: rssh security update breaks rsync via Synology's "hyper backup"

2019-02-19 Thread Roman Medina-Heigl Hernandez
On 19/02/2019 at 4:16, Russ Allbery wrote: > Unfortunately, I took a closer look, and it turns out that this command > was never safe. It also allows arbitrary code execution on the server > side if the client can write to $HOME. This is because: > >--config=FILE > This

Re: rssh security update breaks rsync via Synology's "hyper backup"

2019-02-20 Thread Roman Medina-Heigl Hernandez
On 19/02/2019 at 17:44, Russ Allbery wrote: > Roman Medina-Heigl Hernandez writes: > > So you cannot overwrite /home/synology/rsyncd.conf. > Can the client just do: > > rsync rsyncd.conf :./ > You're right, I was wrong. It's game over :) > I think to make this

Re: rssh security update breaks rsync via Synology's "hyper backup"

2019-02-18 Thread Roman Medina-Heigl Hernandez
On 18/02/2019 at 18:27, Russ Allbery wrote: > While I agree that using undocumented features of rsync is a little > dubious, I'm also willing to include a fix to allow the specific command > line "rsync --server --daemon " since (a) it seems to be safe, (b) > looks easy enough to do, and (c)

rssh security update breaks rsync via Synology's "hyper backup"

2019-02-14 Thread Roman Medina-Heigl Hernandez
Hi security-fellows, I applied recent rssh security updates to Debian 8 (jessie) and I noticed that it breaks Synology's "Hyper backup" tool (with rsync method). The relevant log lines at my Debian server: Feb 10 03:28:21 roman rssh[19985]: cmd 'rsync' approved Feb 10 03:28:21 roman

Re: rssh security update breaks rsync via Synology's "hyper backup"

2019-02-14 Thread Roman Medina-Heigl Hernandez
"Hyper backup" tool (with rsync method). >>> >>> Feb 10 03:28:21 roman rssh[19985]: cmd 'rsync' approved >>> Feb 10 03:28:21 roman rssh[19985]: insecure rsync options in rsync >>> command line! >>> Feb 10 03:28:21 roman rssh[19985]: user synology a

Re: TLS1.0 and 1.1 with Cyrus (Debian Buster)

2020-05-09 Thread Roman Medina-Heigl Hernandez
Wow, it works! Thank you! " Has server cipher order? yes (OK) -- TLS 1.3 and below" Cheers, -r On 09/05/2020 at 21:53, Jonas Andradas wrote: > Hi Roman, > > Did you try with the following in imapd.conf? > > tls_prefer_server_ciphers: 1 > > Regards,

TLS1.0 and 1.1 with Cyrus (Debian Buster)

2020-05-08 Thread Roman Medina-Heigl Hernandez
Hi, I upgraded from Jessie to Buster (thru Stretch) and noticed that Cyrus (imaps & pop3s) stopped negotiating TLS 1.0 and 1.1 protocols (I know they're not recommended but I need them for older clients). I tried several combinations of tls_ciphers and tls_versions in /etc/imapd.conf (even very

Re: TLS1.0 and 1.1 with Cyrus (Debian Buster)

2020-05-08 Thread Roman Medina-Heigl Hernandez
col = None > CipherString = DEFAULT > To: > /etc/ssl/openssl.cnf > > Regards, > > Alberto > > On Fri, May 08, 2020 at 09:07:31PM +0200, Roman Medina-Heigl Hernandez wrote: >> Hi, >> >> I upgraded from Jessie to Buster (thru Stretch) and noticed that Cyr