to the syslog calls and not to something else.
// Ulf Harnhammar, Debian Security Audit Project
--
___
Surf the Web in a faster, safer and easier way:
Download Opera 8 at http://www.opera.com
Powered by Outblaze
have found
them
too (boast boast), and I believe that they are no vulnerabilities at all, as the
offending data will always pass through this construct:
while((pt = strchr(vbuff, '%')))
*pt = '_';
(For the non-programmers out there, it changes all instances of % in vbuff to
_.)
// Ulf
On Sun, Jul 24, 2005 at 07:40:21PM +0200, Nejc Novak wrote:
that means, that the process was started at 17:31 today. So i checked
I killed the process and webserver and at 19:31 the process again
started with the same lines in syslog.
Check your crontabs (in various locations) and atq. It
On Thu, Jul 21, 2005 at 11:49:53PM +0200, Karsten Dambekalns wrote:
Another question came up here. Is it really likely to be a SSH brute force
break in, or could the attacker have been able to log in some other way? What
is currently possible in that respect on a machien that runs ssh,
On Mon, Jun 27, 2005 at 07:36:50PM +, Paul Hink wrote:
Having one's workstation compromised (e.g. due to some vulnerability of
Mozilla) is a serious thing. There might be confidential data (e.g.
private e-mails) stored on it and in many cases it makes compromising a
server much easier as
On Mon, Jun 27, 2005 at 09:05:20PM +0200, Frans Pop wrote:
Even if 3.0.4 contains only the security fix
It doesn't, BTW:
http://wiki.apache.org/spamassassin/changes304
// Ulf
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
6 matches
Mail list logo