Re: Is chromium updated?

2020-11-13 Thread Sven Hartge

On 17.10.20 14:28, Georgi Guninski wrote:


> Is Debian's chromium vulnerable now?


Yes. The team maintaining Chromium in Debian is clearly overloaded and
understaffed, and I am sure the Corona crisis isn't helping here.




Re: Misuse/Abuse

2020-10-13 Thread Sven Hartge

On 13.10.20 16:00, Daniel Leidert wrote:


> Clearly someone tries to run a command put as an address. Out of curiosity:
> Which kind of vulnerability are they trying to use here?


Probably CVE-2019-10149

https://www.qualys.com/2019/06/05/cve-2019-10149/return-wizard-rce-exim.txt

Regards,
Sven.



Re: [SECURITY] [DSA 3909-1] samba security update

2017-07-14 Thread Sven Hartge
On 14.07.2017 14:25, Yves-Alexis Perez wrote:

> For the oldstable distribution (jessie), this problem has been fixed
> in version 2:4.2.14+dfsg-0+deb8u7.

Is it just me, or has the update for Jessie x86_64 been built in an
unclean environment or from the wrong sources?

For me the binary packages have dependencies unfulfillable in Jessie:

The following packages have unmet dependencies:
 samba-common-bin : Depends: libncurses5 (>= 6) but 5.9+20140913-1+b1 is to be installed
                    Depends: libreadline7 (>= 6.0) but it is not installable
                    Depends: libtinfo5 (>= 6) but 5.9+20140913-1+b1 is to be installed
                    Depends: samba-libs (= 2:4.2.14+dfsg-0+deb8u7) but 2:4.2.14+dfsg-0+deb8u6 is to be installed

The 32bit i386 packages, on the other hand, are fine, probably because
they were built by a buildd.

Regards,
Sven.





Re: HTTPS needs to be implemented for updating

2016-12-20 Thread Sven Hartge
On 20.12.2016 10:45, Hans-Christoph Steiner wrote:

> Also, it would be really awesome if there was:
> 
> https://httpsredir.debian.org/debian
> 
> Which automatically redirected to mirrors that support HTTPS.  I filed
> an issue here:
> https://github.com/rgeissert/http-redirector/issues/78

There is https://deb.debian.org/debian which automatically redirects you
to one of two mirror networks using HTTPS.

Regards,
Sven.






Re: Is this a hacking attempt?

2015-01-22 Thread Sven Hartge
Bonno Bloksma b.blok...@tio.nl wrote:
> From: paul.is.w...@gmail.com [mailto:paul.is.w...@gmail.com] On behalf of Paul Wise
>
> Fortunately, this works, but there are sites where it doesn't.
>
> Do you have any examples of sites that still need Flash? Obviously
> flash game sites still need it but surely almost all of the web has
> moved away from it at this point?
>
> VMware based their new vSphere management interface around flash.
> The idea was that companies without Windows machines no longer need a
> Windows PC just to use the VMware client. All they need now is a
> machine with flash. ;-)

Which has been subverted since vSphere 5.5, because Linux is no longer a
supported platform for the vSphere Web Client.

You can kind of limp along using Google Chrome, which has an included
Flash 15 (Flash 11.5 or higher is needed for the vSphere Web Client
whereas the last official Adobe release is 11.2) but then there are
still features unavailable for Linux users, like being able to insert
local CD/DVDs or images into the virtual DVD drive. Also the keyboard
mapping for the virtual console is totally broken on Linux. If you
configure your VM to use an English keyboard layout it kind of works,
any other layout is unusable. For example you are not able to type the /
while using a German keyboard layout. Any key using a modifier key like
Alt or Shift (besides uppercase letters, which work) is broken.

So in the end, you again need a Windows PC to use the vSphere Web Client
if you need to use any feature besides VM powering on and off.

Regards,
Sven.

-- 
Sigmentation fault. Core dumped.


-- 
To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/6batvoh82...@mids.svenhartge.de



Re: Funny story about mysteriously open port 21

2010-03-09 Thread Sven Hartge
On 09.03.2010 09:21, Sir Conquer wrote:

> As I was testing new iptables rules on my remote Lenny server, port
> 21 kept coming up as open, yet nothing was listening on it (according
> to netstat and lsof). At which point I'm panicking and wondering
> whether I've been owned! The panic had productive side-effects, as I
> discovered several misconfigurations in Bind. Still, no matter where
> I poked - I could not figure out what the hell is opening the damn
> ftp port... After making sure that I'm thoroughly dropping all
> traffic from APNIC subnets, and as I was getting ready to post a
> question about my dilemma here - I had a eureka moment - I'M RUNNING
> FTP PROXY on my LAN gateway! LOL :-) I laughed so hard that I woke-up
> (and pissed-off) my wife!

The same can very easily happen if your network uses some sort of
transparent web-proxy, either using the classic iptables REDIRECT
approach or with help of a Cisco router and WCCP.

Outgoing port 80 will always seem to be available and this has more than
once driven me nearly mad :)

Also tcptraceroutes with destination port 80 will always end in your own
network (in your proxy) instead of tracing the internets, but the
resulting hostname will still be the one you targeted:

x...@:~$ tcptraceroute.mt -N www.debian.org 80
Selected device eth0, address 192.168.192.67, port 39841 for outgoing packets
Tracing the path to www.debian.org (141.76.2.5) on TCP port 80 (www), 30 hops max
 1  fw01-1-ha-dvzadmins.dvz.fh-giessen.de (192.168.192.120)  0.248 ms  0.999 ms  1.195 ms
 2  asr-a016-ge1-v107.its.fh-giessen.de (10.196.12.50)  2.130 ms  2.540 ms  2.798 ms
 3  www.de.debian.org (141.76.2.5) [open]  5.206 ms  3.518 ms  1.310 ms

So, lesson learned: if you do remote forensics, always make sure your
network behaves the way you think it does.

Regards,
Sven.


-- 
To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/4b961e57.3010...@svenhartge.de
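The tell-tale signs Sven describes (the target answers "[open]" right behind an internal hop, at LAN-scale latency, after only a couple of hops) can be checked mechanically before trusting a remote trace. The following is an added example, not code from the message or from tcptraceroute: it parses tcptraceroute hop lines and applies those three heuristics. The posted trace is used as input (line wraps rejoined); the second "honest" trace, the RFC 1918 check, and the thresholds (RTT ratio 3, "few hops" = 3) are constructed assumptions for illustration.

```python
import ipaddress
import re
import statistics
from dataclasses import dataclass

# tcptraceroute output as posted in the message above, with the mail
# client's line wraps rejoined. The "Selected device"/"Tracing" lines
# do not match the hop pattern and are skipped by the parser.
SAMPLE_TRACE = """\
Selected device eth0, address 192.168.192.67, port 39841 for outgoing packets
Tracing the path to www.debian.org (141.76.2.5) on TCP port 80 (www), 30 hops max
 1  fw01-1-ha-dvzadmins.dvz.fh-giessen.de (192.168.192.120)  0.248 ms  0.999 ms  1.195 ms
 2  asr-a016-ge1-v107.its.fh-giessen.de (10.196.12.50)  2.130 ms  2.540 ms  2.798 ms
 3  www.de.debian.org (141.76.2.5) [open]  5.206 ms  3.518 ms  1.310 ms
"""

# Constructed contrast case (documentation addresses, not real measurements):
# a non-RFC1918 hop right before the target and a realistic hop count.
HONEST_TRACE = """\
11  core-rtr.example.net (203.0.113.17)  18.2 ms  18.9 ms  18.4 ms
12  www.example.org (198.51.100.5) [open]  22.7 ms  23.1 ms  22.9 ms
"""

HOP_RE = re.compile(r"^\s*(\d+)\s+(\S+)\s+\((\d+(?:\.\d+){3})\)\s*(\[open\])?\s*(.*)$")
RTT_RE = re.compile(r"([\d.]+) ms")
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


@dataclass
class Hop:
    ttl: int
    host: str
    ip: str
    is_open: bool   # tcptraceroute printed [open]: a SYN/ACK came back from this hop
    rtts: list      # round-trip times in milliseconds


def is_rfc1918(ip):
    """True for the private ranges a transparent proxy typically lives in."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in RFC1918)


def parse_tcptraceroute(text):
    """Turn tcptraceroute's hop lines into Hop records; other lines are ignored."""
    hops = []
    for line in text.splitlines():
        m = HOP_RE.match(line)
        if not m:
            continue
        ttl, host, ip, flag, rest = m.groups()
        rtts = [float(x) for x in RTT_RE.findall(rest)]
        hops.append(Hop(int(ttl), host, ip, flag is not None, rtts))
    return hops


def interception_indicators(hops, rtt_ratio=3.0, few_hops=3):
    """Heuristic reasons why the [open] target may really be a local proxy.

    A transparent proxy completes the handshake on the target's behalf, so the
    final hop carries the target's name and address but sits directly behind an
    internal hop, at LAN-scale latency, after very few hops. The thresholds are
    assumptions chosen for this example, not tcptraceroute semantics.
    """
    reasons = []
    if len(hops) < 2 or not hops[-1].is_open:
        return reasons
    last, prev = hops[-1], hops[-2]
    if is_rfc1918(last.ip):
        return reasons  # internal target: an answer from inside is expected
    if is_rfc1918(prev.ip):
        reasons.append(f"public target {last.ip} answered directly behind private hop {prev.ip}")
        if prev.rtts and last.rtts and \
                statistics.median(last.rtts) <= rtt_ratio * statistics.median(prev.rtts):
            reasons.append("target RTT is comparable to the internal hop before it")
    if last.ttl <= few_hops:
        reasons.append(f"public target reached after only {last.ttl} hops")
    return reasons


if __name__ == "__main__":
    for name, trace in (("posted trace", SAMPLE_TRACE), ("constructed honest trace", HONEST_TRACE)):
        found = interception_indicators(parse_tcptraceroute(trace))
        print(f"{name}: {'possible interception' if found else 'no indicators'}")
        for reason in found:
            print("  -", reason)
```

Run against the posted trace all three indicators fire; against the constructed trace none do. When a trace is flagged, confirm from the inside (the proxy host's own connection table, or the REDIRECT/WCCP rules on the gateway) rather than from the probing host, since every TCP probe to that port from the LAN is answered locally.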



Re: chkrootkit sniffers

2006-08-10 Thread Sven Hartge
At 22:48 on 10.08.06, Henri Salo wrote:

> I am running Debian stable (kernel 2.6.8-2) chkrootkit version 0.44 with
> command chkrootkit and it gives me:
>
> Checking `sniffer'... lo: PACKET SNIFFER(/sbin/dhclient[29148])
> eth0: PACKET SNIFFER(/sbin/dhclient[29148], /sbin/dhclient[29307])
> eth1: PACKET SNIFFER(/sbin/dhclient[29148])
>
> is that serious?

No. Both dhclient and dhcpd are known false positives.

You should of course check whether those processes are _really_ dhclient.

Regards,
Sven.

-- 
Sven Hartge -- professional Unix geek
My thoughts on the net: http://www.svenhartge.de/

Attention, new mail address: [EMAIL PROTECTED]
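The check Sven recommends, that the listed processes really are dhclient, is worth doing from the kernel's view of the process rather than from the name chkrootkit prints. As an added example (not code from the message or from chkrootkit), the script below parses the quoted "PACKET SNIFFER" lines and compares each PID against `/proc/<pid>/exe` on Linux. The allowlist of legitimate sniffer binaries and the `resolve` hook (so the check can be fed constructed data offline) are assumptions for the example; the name chkrootkit prints is assumed to come from the process's own command line, which a process can set to anything.

```python
import os
import re
from collections import defaultdict

# chkrootkit 'sniffer' lines as quoted in the message above.
SAMPLE_OUTPUT = """\
Checking `sniffer'... lo: PACKET SNIFFER(/sbin/dhclient[29148])
eth0: PACKET SNIFFER(/sbin/dhclient[29148], /sbin/dhclient[29307])
eth1: PACKET SNIFFER(/sbin/dhclient[29148])
"""

# Binaries that legitimately hold packet sockets on a typical host. This
# allowlist is an assumption for the example; extend it for your own hosts
# (tcpdump, wpa_supplicant, dhcpcd, ...).
EXPECTED_SNIFFERS = {"/sbin/dhclient", "/usr/sbin/dhclient", "/usr/sbin/dhcpd"}

LINE_RE = re.compile(r"(\w+): PACKET SNIFFER\((.*)\)")
ENTRY_RE = re.compile(r"(\S+?)\[(\d+)\]")


def parse_sniffer_report(text):
    """Map interface -> [(claimed_program, pid), ...] from chkrootkit output."""
    report = defaultdict(list)
    for line in text.splitlines():
        m = LINE_RE.search(line)
        if not m:
            continue
        iface, entries = m.groups()
        for program, pid in ENTRY_RE.findall(entries):
            report[iface].append((program, int(pid)))
    return dict(report)


def proc_exe(pid):
    """Binary really executing as pid, from /proc (Linux); None if the pid is gone.
    The kernel appends " (deleted)" when the file was unlinked after exec."""
    try:
        return os.readlink(f"/proc/{pid}/exe")
    except OSError:
        return None


def classify(report, resolve=proc_exe):
    """Verdict per (interface, pid): expected, unexpected, mismatch, deleted or gone.

    The program name in the report is assumed to be the process's own
    self-description (argv[0]), which any process can set to "/sbin/dhclient".
    /proc/<pid>/exe is maintained by the kernel, so that is the value to trust.
    """
    verdicts = {}
    for iface, entries in report.items():
        for claimed, pid in entries:
            actual = resolve(pid)
            if actual is None:
                verdict = "gone"          # exited between chkrootkit run and check
            elif actual.endswith(" (deleted)"):
                verdict = "deleted"       # running from an unlinked binary: look closer
            elif os.path.basename(actual) != os.path.basename(claimed):
                verdict = "mismatch"      # calls itself dhclient, executes something else
            elif actual in EXPECTED_SNIFFERS:
                verdict = "expected"
            else:
                verdict = "unexpected"    # right name, but not from a trusted path
            verdicts[(iface, pid)] = verdict
    return verdicts


if __name__ == "__main__":
    # Against the live /proc of the host this is run on; PIDs from an old
    # report will usually come back as "gone".
    for (iface, pid), verdict in sorted(classify(parse_sniffer_report(SAMPLE_OUTPUT)).items()):
        print(f"{iface:5} pid {pid}: {verdict}")
```

Feed it the current chkrootkit output on the host itself, as root, while the processes are still running; "mismatch" and "deleted" are the verdicts that deserve a follow-up, "unexpected" usually means a locally built or relocated daemon.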



Re: OpenSSL vs. GnuTLS in Exim

2006-04-03 Thread Sven Hartge
At 23:34 on 03.04.06, Jaroslaw Tabor wrote:

> Can anyone tell me if there is any security risk to use openssl in
> exim4 ?

No. Why do you suspect there to be any risks?

> I'm using OpenSSL based applications (i.e. courier-imap-ssl) for a long
> time without ANY problems. What was the reason to use GnuTLS in exim ???

Licence problems regarding OpenSSL in combination with GPL'd code without
a special clause allowing linking to OpenSSL-based code.

Regards,
Sven.

-- 
Sven Hartge -- professional Unix geek
My thoughts on the net: http://www.svenhartge.de/

Attention, new mail address: [EMAIL PROTECTED]