-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA 195-1 [EMAIL PROTECTED]
http://www.debian.org/security/ Martin Schulze
November 13th, 2002
On Wed, Nov 13, 2002 at 12:31:48AM -0500, Roger Ward wrote:
It is my understanding all of these vulnerabilities exist in the *stock* version of
Bind 8.3.3-REL from ISC.
Have any of these issues been addressed in the current version?
I can't speak for the security team (since I'm not
On Wed, Nov 13, 2002 at 09:39:05AM +0100, Javier Fernández-Sanguino Peña wrote:
Unfortunately the only way to fix it currently (since even ISCs
has not published patches although there seems to be some patches
available from unofficial sources) is to upgrade to bind9. Yuck
ISC recommends
On Wed, Nov 13, 2002 at 09:52:09AM +0100, Jan Niehusmann wrote:
ISC recommends that BIND installations should be upgraded to BIND version 4.9.11,
8.2.7, 8.3.4 or to BIND version 9.
(from http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21469)
Well, sorry, I should have
On Tue, 12 Nov 2002 at 02:45:52PM +0100, Alexander Neumann wrote:
Greets from cold Michigan...
Is there a new apache-exploit in the wild?
Only the old one. It does not mean apache was exploded. Someone could
have rooted you and decided they wanted a web server. They left your
apache config
Jan Niehusmann [EMAIL PROTECTED] writes:
I assume lynda will get a lot of emails...
Yes, this is an interesting way of distributing critical security
patches. Anybody can get the patches from there, so it's very likely
that the underground has them now.
--
Florian Weimer
UNSUBSCRIBE
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
I'm subscribed to this list for a few weeks, but this type of message
seems not to be very rare here. Does anyone actualy read messages here,
because there is a note at the end of every message on how to
unsubscribe. Actually I have been successfully unsubscribed from
debian-laptop so now I know
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
godamn mother fuckers
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Hi!
Please read
http://www.hlug.org/modules.php?op=modloadname=Newsfile=articlesid=6mode=threadorder=0thold=0
Is Debian affected?
Thanks,
Lupe Christoph
--
| [EMAIL PROTECTED] | http://www.lupe-christoph.de/ |
| Big Misunderstandings #6398: The Titanic was not supposed to be
Raymond Wood écrivait :
Respectfully, does anyone know when Sid will receive patches for
the previous Apache vulnerabilities that were fixed for Potato and
Woody, but not Sid? It's been days... Raymond
Because Sid's aim is to allow you to test bugs... and enjoy viruses! g ;-)
Sid is
Either spell it right or punctuate it correctly.
go damn mother fuckers or goddamn mother fuckers.
Your choice. Of course since you are un-subscribed
my words are in vain.
On Wed, Nov 13, 2002 at 04:44:46PM -0200, [EMAIL PROTECTED] wrote:
godamn mother fuckers
--
To UNSUBSCRIBE,
On Thu, Nov 14, 2002 at 02:23:30AM +0700, Jean Christophe ANDRÉ remarked:
Raymond Wood écrivait :
Respectfully, does anyone know when Sid will receive patches
for the previous Apache vulnerabilities that were fixed for
Potato and Woody, but not Sid? It's been days... Raymond
Because
On Wed, Nov 13, 2002 at 08:15:58PM +0100, Lupe Christoph wrote:
Is Debian affected?
I checked a few hours ago, and it was not, at least the mirror I'm
using.
--
Lionel
msg07715/pgp0.pgp
Description: PGP signature
How long does it take to unsubscribe? I did it 2-3 days ago and I'm
still getting messages...
On Wed, 2002-11-13 at 14:18, Jonathan Crockett wrote:
Either spell it right or punctuate it correctly.
go damn mother fuckers or goddamn mother fuckers.
Your choice. Of course since you are
On Wed, Nov 13, 2002 at 03:22:20PM -0500, Raymond Wood wrote:
On Thu, Nov 14, 2002 at 02:23:30AM +0700, Jean Christophe ANDR? remarked:
Raymond Wood ?crivait :
Respectfully, does anyone know when Sid will receive patches
for the previous Apache vulnerabilities that were fixed for
I try to block on character sets: ie.,
^Content-Type.*charset.*[gG][bB]2312
This catches quite a few spams I can't read.
Some mail I try to reply have latin-1
chars.
They will be translated to Japanese charset when I
reply to them, so people are conveniently
blocking some of my
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
On Thu, Nov 14, 2002 at 07:45:34AM +0700, Jean Christophe ANDRÉ imagined:
Raymond Wood écrivait :
Jean Christophe ANDRÉ remarked:
Raymond Wood écrivait :
Respectfully, does anyone know when Sid will receive
patches for the previous Apache vulnerabilities that
were fixed for
On Thu, Nov 14, 2002 at 09:43:24AM +0900, Junichi Uekawa wrote:
I try to block on character sets: ie.,
^Content-Type.*charset.*[gG][bB]2312
This catches quite a few spams I can't read.
Some mail I try to reply have latin-1
chars.
They will be translated to Japanese charset
Sarge (and everyone else who does not read the bottom of list emails),
Read the bottom of the email and send your request to:
[EMAIL PROTECTED]
It isn't that difficult and I'm only giving you this advice because this
is the second unsuccessful attempt you've made at unsubscribing.
On Wed,
Any word from the security team on what's going on with potato's bind?
Mike
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
¦b 2002 ¤Q¤@¤ë 14 ¬P´Á¥| 12:45¡AMike Dresser ¼g¹D:
Any word from the security team on what's going on with potato's bind?
Mike
http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21469
http://www.isc.org/products/BIND/bind-security.html
Is the Woody bind also vulnerable?
--
Someone needs to be more careful with their auto-blacklist. This
message was reported to Razor and is NOT spam...tisk tisk.
On Thu, 14 Nov 2002 at 01:04:51PM +0800, Patrick Hsieh wrote:
?b 2002 ?Q?@?? 14 ?P???| 12:45?AMike Dresser ?g?D:
Any word from the security team on what's going on with
Quoting Raymond Wood ([EMAIL PROTECTED]):
The question is obviously an unpopular one :)
Well, I think it got old. Moreover, and more to the point, FAQed.
Even though Sid is officially not supported by the security team,
still 99 times out of a hundred, a patch or new version will appear in
On Wed, Nov 13, 2002 at 11:45:19PM -0500, Mike Dresser wrote:
Any word from the security team on what's going on with potato's bind?
Both potato and woody are vulnerable. Fixes are on there way, but
disclosure of this vulnerability was very badly organized (not by the
security team), and the
Hello,
This morning I've read the following in my snort.alert log:
[**] [116:46:1] (snort_decoder) WARNING: TCP Data Offset is less than 5! [**]
11/13-21:21:31.736604 200.207.87.24:0 - 80.84.232.115:0
TCP TTL:117 TOS:0x0 ID:19244 IpLen:20 DgmLen:40
***F Seq: 0x3A6D74 Ack: 0x110 Win:
On Thursday 14 November 2002 14:24, Noah L. Meyerhans wrote:
On Wed, Nov 13, 2002 at 11:45:19PM -0500, Mike Dresser wrote:
Any word from the security team on what's going on with potato's bind?
Both potato and woody are vulnerable. Fixes are on there way, but
disclosure of this
On Wed, Nov 13, 2002 at 12:31:48AM -0500, Roger Ward wrote:
It is my understanding all of these vulnerabilities exist in the *stock*
version of Bind 8.3.3-REL from ISC.
Have any of these issues been addressed in the current version?
I can't speak for the security team (since I'm
On Wed, Nov 13, 2002 at 09:39:05AM +0100, Javier Fernández-Sanguino Peña wrote:
Unfortunately the only way to fix it currently (since even ISCs
has not published patches although there seems to be some patches
available from unofficial sources) is to upgrade to bind9. Yuck
ISC recommends
On Wed, Nov 13, 2002 at 09:52:09AM +0100, Jan Niehusmann wrote:
ISC recommends that BIND installations should be upgraded to BIND version
4.9.11, 8.2.7, 8.3.4 or to BIND version 9.
(from http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21469)
Well, sorry, I should have
The below is from snort running on 192.168.1.200 and talking to
192.168.1.1 linux firewall/router Any ideas as to what could be
causing this? I even tried turning off all internal iptables. Nothing
improved.
BAD TRAFFIC MISC Large UDP Packet
[**] [1:1322:4] BAD TRAFFIC bad frag
On Tue, 12 Nov 2002 at 02:45:52PM +0100, Alexander Neumann wrote:
Greets from cold Michigan...
Is there a new apache-exploit in the wild?
Only the old one. It does not mean apache was exploded. Someone could
have rooted you and decided they wanted a web server. They left your
apache config
Javier Fernández-Sanguino Peña [EMAIL PROTECTED] writes:
I can't speak for the security team (since I'm not part of it). As
far as I know these vulnerabilities are there in the Debian version. As a
matter of fact ISS seems to have given only 9 hours of previous notice to
vendors (all
Jan Niehusmann [EMAIL PROTECTED] writes:
I assume lynda will get a lot of emails...
Yes, this is an interesting way of distributing critical security
patches. Anybody can get the patches from there, so it's very likely
that the underground has them now.
--
Florian Weimer
UNSUBSCRIBE
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Yth Bpk/Ibu
di tempat
Mohon maaf bila menggangu waktu anda sebentar.
Kami dari sebuah Team Bisnis Online-Offline menawarkan kesempatan Berwirausaha
yang
SANGAT MENARIK kepada Anda untuk memiliki bisnis Offline yang baru 2 tahun
terakhir ini Go-Online
dengan hasil yang spektakuler.
Bisnis kami
On Wed, Nov 13, 2002 at 04:33:30PM +0100, Martin Schulze remarked:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA 195-1 [EMAIL PROTECTED]
I'm subscribed to this list for a few weeks, but this type of message
seems not to be very rare here. Does anyone actualy read messages here,
because there is a note at the end of every message on how to
unsubscribe. Actually I have been successfully unsubscribed from
debian-laptop so now I know
godamn mother fuckers
Hi!
Please read
http://www.hlug.org/modules.php?op=modloadname=Newsfile=articlesid=6mode=threadorder=0thold=0
Is Debian affected?
Thanks,
Lupe Christoph
--
| [EMAIL PROTECTED] | http://www.lupe-christoph.de/ |
| Big Misunderstandings #6398: The Titanic was not supposed to be
Raymond Wood écrivait :
Respectfully, does anyone know when Sid will receive patches for
the previous Apache vulnerabilities that were fixed for Potato and
Woody, but not Sid? It's been days... Raymond
Because Sid's aim is to allow you to test bugs... and enjoy viruses! g ;-)
Sid is
Either spell it right or punctuate it correctly.
go damn mother fuckers or goddamn mother fuckers.
Your choice. Of course since you are un-subscribed
my words are in vain.
On Wed, Nov 13, 2002 at 04:44:46PM -0200, [EMAIL PROTECTED] wrote:
godamn mother fuckers
--
To UNSUBSCRIBE,
On Thu, Nov 14, 2002 at 02:23:30AM +0700, Jean Christophe ANDRÉ remarked:
Raymond Wood écrivait :
Respectfully, does anyone know when Sid will receive patches
for the previous Apache vulnerabilities that were fixed for
Potato and Woody, but not Sid? It's been days... Raymond
Because
On Wed, Nov 13, 2002 at 08:15:58PM +0100, Lupe Christoph wrote:
Is Debian affected?
I checked a few hours ago, and it was not, at least the mirror I'm
using.
--
Lionel
pgpRBCwvNmdOx.pgp
Description: PGP signature
How long does it take to unsubscribe? I did it 2-3 days ago and I'm
still getting messages...
On Wed, 2002-11-13 at 14:18, Jonathan Crockett wrote:
Either spell it right or punctuate it correctly.
go damn mother fuckers or goddamn mother fuckers.
Your choice. Of course since you are
On Wed, Nov 13, 2002 at 03:22:20PM -0500, Raymond Wood wrote:
On Thu, Nov 14, 2002 at 02:23:30AM +0700, Jean Christophe ANDR? remarked:
Raymond Wood ?crivait :
Respectfully, does anyone know when Sid will receive patches
for the previous Apache vulnerabilities that were fixed for
I try to block on character sets: ie.,
^Content-Type.*charset.*[gG][bB]2312
This catches quite a few spams I can't read.
Some mail I try to reply have latin-1
chars.
They will be translated to Japanese charset when I
reply to them, so people are conveniently
blocking some of my
On Thu, Nov 14, 2002 at 07:45:34AM +0700, Jean Christophe ANDRÉ imagined:
Raymond Wood écrivait :
Jean Christophe ANDRÉ remarked:
Raymond Wood écrivait :
Respectfully, does anyone know when Sid will receive
patches for the previous Apache vulnerabilities that
were fixed for
On Thu, Nov 14, 2002 at 09:43:24AM +0900, Junichi Uekawa wrote:
I try to block on character sets: ie.,
^Content-Type.*charset.*[gG][bB]2312
This catches quite a few spams I can't read.
Some mail I try to reply have latin-1
chars.
They will be translated to Japanese charset
Sarge (and everyone else who does not read the bottom of list emails),
Read the bottom of the email and send your request to:
[EMAIL PROTECTED]
It isn't that difficult and I'm only giving you this advice because this
is the second unsuccessful attempt you've made at unsubscribing.
On Wed,
Any word from the security team on what's going on with potato's bind?
Mike
在 2002 十一月 14 星期四 12:45,Mike Dresser 寫道:
Any word from the security team on what's going on with potato's bind?
Mike
http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21469
http://www.isc.org/products/BIND/bind-security.html
Is the Woody bind also vulnerable?
--
Patrick
Someone needs to be more careful with their auto-blacklist. This
message was reported to Razor and is NOT spam...tisk tisk.
On Thu, 14 Nov 2002 at 01:04:51PM +0800, Patrick Hsieh wrote:
?b 2002 [EMAIL PROTECTED] 14 ?P???| 12:45?AMike Dresser ?g?D:
Any word from the security team on what's
57 matches
Mail list logo
