Re: Wmmon under FreeBSD

1999-12-29 Thread Greg A. Woods
level interface tool. -- Greg A. Woods +1 416 218-0098 VE3TCP [EMAIL PROTECTED] robohack!woods Planix, Inc. [EMAIL PROTECTED]; Secrets of the Weird [EMAIL PROTECTED]

[ISC-Bugs #811] (bind9) yes, it seems NMAP can trivially crash BIND-9.1.0, at least on i386.... (forwarded)

2001-02-08 Thread Greg A. Woods
sock-pf; } + + dev-newsocket-address.length = addrlen; + dev-newsocket-pf = sock-pf; /* * Pull off the done event. - Managed by Request Tracker --- end --- --

Re: Solaris /usr/bin/mailx exploit (SPARC)

2001-05-16 Thread Greg A. Woods
that the entire ATT UNIX mail system was leaning far away from using root privileges and would work entirely with just setgid. -- Greg A. Woods +1 416 218-0098 VE3TCP [EMAIL PROTECTED] [EMAIL PROTECTED] Planix, Inc. [EMAIL PROTECTED

Re: Solaris /usr/bin/mailx exploit (SPARC)

2001-05-16 Thread Greg A. Woods
filesystem such that you don't have to use FS quotas there. BSD's setuid-root mail subsystem is stupidly insecure, but many of us do live with its risks every day. :-( -- Greg A. Woods +1 416 218-0098 VE3TCP [EMAIL PROTECTED

Re: Solaris /usr/bin/mailx exploit (SPARC)

2001-05-17 Thread Greg A. Woods
the system involved is used for! -- Greg A. Woods +1 416 218-0098 VE3TCP [EMAIL PROTECTED] [EMAIL PROTECTED] Planix, Inc. [EMAIL PROTECTED]; Secrets of the Weird [EMAIL PROTECTED]

Re: Solaris /usr/bin/mailx exploit (SPARC)

2001-05-18 Thread Greg A. Woods
them -- learn from history! -- Greg A. Woods +1 416 218-0098 VE3TCP [EMAIL PROTECTED] [EMAIL PROTECTED] Planix, Inc. [EMAIL PROTECTED]; Secrets of the Weird [EMAIL PROTECTED]

Re: Mail delivery privileges (was: Solaris /usr/bin/mailx exploit)

2001-05-18 Thread Greg A. Woods
, but it can be done. Of course a mail storage system such as Cyrus IMAP can facilitate this much more readily, though it doesn't have to since it now has built-in, user-controllable, presumably secure, filtering. -- Greg A. Woods +1 416 218

Re: Mail delivery privileges (was: Solaris /usr/bin/mailx exploit)

2001-05-19 Thread Greg A. Woods
. ;-) -- Greg A. Woods +1 416 218-0098 VE3TCP [EMAIL PROTECTED] [EMAIL PROTECTED] Planix, Inc. [EMAIL PROTECTED]; Secrets of the Weird [EMAIL PROTECTED]

Re: FIN_WAIT_1 DoS (netkill): Why the vulnerability still exists?

2001-07-25 Thread Greg A. Woods
for the attacker(s) to work around this first-level defense though and ACK one or two data packets first, but will they? :-) -- Greg A. Woods +1 416 218-0098 VE3TCP [EMAIL PROTECTED] [EMAIL PROTECTED] Planix, Inc. [EMAIL PROTECTED

Re: hacker copyrights was [RE: telnetd exploit code]

2001-07-26 Thread Greg A. Woods
. -- Greg A. Woods +1 416 218-0098 VE3TCP [EMAIL PROTECTED] [EMAIL PROTECTED] Planix, Inc. [EMAIL PROTECTED]; Secrets of the Weird [EMAIL PROTECTED]

RE: hacker copyrights was [RE: telnetd exploit code]

2001-07-26 Thread Greg A. Woods
to control redistribution, at least free redistribution, since nobody can prove one way or another how some second analyst might have obtained a copy of the code when all initial distribution is anonymous (and free). -- Greg A. Woods +1 416 218

Re: It takes two to tango

2002-07-31 Thread Greg A. Woods
put in place to protect the researchers who find the holes. IANAL, but I would hope no new laws are necessary -- the recognition of fair notice should be sufficient. -- Greg A. Woods +1 416 218-0098;[EMAIL PROTECTED