Hi,
From: Phillip Hofmeister
Date: Mon, 16 Dec 2002 17:52:15 -0500
I am sure you have seen the SSH CERT. Are we vulnerable? If so is
there a time line for an update?
I'd like to know too -- perhaps there's a chance the Debian package
(the OpenSSH-based one) isn't vulnerable as OpenSSH 3.5
Hi folks,
I presume many of you have heard of the following:
http://www.ethereal.com/appnotes/enpa-sa-6.html
Is the Debian package affected?
Hi,
From: Cedric Ware [EMAIL PROTECTED]
Subject: Re: Bug#149714: libfam0 Does not depend on fam
Date: Sun, 18 Aug 2002 02:30:02 +0200
I do use dselect and have no use for a local famd, and am somewhat annoyed
by this change in stable. (I have a vague recollection that dependencies
in stable
Hi,
From: Henrique de Moraes Holschuh [EMAIL PROTECTED]
Subject: Re: Bug#149714: libfam0 Does not depend on fam
Date: Mon, 19 Aug 2002 08:54:54 -0300
On Mon, 19 Aug 2002, [EMAIL PROTECTED] wrote:
purposes, defeats the dependencies - or comment it in /etc/inetd.conf,
but AFAIG there is no
Hi,
I'm trying to get opie-server|libpam-opie to use sha1 instead of md5,
but I haven't figured out how to do this on the server end. For the
client end, the -s option seems to be what to use w/ opiekey (though
this doesn't appear to be in the man pages...).
Has anyone figured out how to get
Hi,
From: Paul Hampson [EMAIL PROTECTED]
Subject: Re: Some more port closing questions
Date: Thu, 1 Aug 2002 20:17:10 +1000
On Thu, Aug 01, 2002 at 07:09:28AM +0900, [EMAIL PROTECTED] wrote:
From: Phillip Hofmeister [EMAIL PROTECTED]
Subject: Re: Some more port closing questions
Date:
Hi,
From: Paul Baker [EMAIL PROTECTED]
Subject: Re: [SECURITY] [DSA-136-1] Multiple OpenSSL problems
Date: Thu, 1 Aug 2002 20:04:24 -0500
On Thursday, August 1, 2002, at 06:35 PM, [EMAIL PROTECTED] wrote:
You might find the checkinstall package to be of some use here. It's
worked quite
Hi,
From: Karl E. Jorgensen [EMAIL PROTECTED]
Subject: Re: service enablement via mail and otp?
Date: Thu, 1 Aug 2002 01:20:46 +0100
...
I wrote:
I've downloaded a copy and taken a quick look at the man page -- I
didn't notice anything about mechanisms for dealing w/ replay attacks
in
Hi,
For some time, I've been toying w/ the idea of putting together
something that would allow me to trigger the starting/stopping of
various services [1] via a mail message containing some kind of OTP.
It seems like a fairly straightforward thing to implement but I'm not
itching to maintain any
Hi,
From: Mathias Palm [EMAIL PROTECTED]
Subject: Re: Some more port closing questions
Date: Wed, 31 Jul 2002 11:23:55 +0200
On Wed, Jul 31, 2002 at 08:24:50AM +0900, [EMAIL PROTECTED] wrote:
Hi,
From: Rick Moen [EMAIL PROTECTED]
Subject: Re: Some more port closing questions
Date:
Hi,
From: Frank Copeland [EMAIL PROTECTED]
Subject: Re: Some more port closing questions
Date: Wed, 31 Jul 2002 10:33:37 + (UTC)
On 30 Jul 02 23:24:50 GMT, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote:
Ah, that would be nice too. I know that the first thing I usually do
when I boot my
Hi,
From: Thomas J. Zeeman [EMAIL PROTECTED]
Subject: Re: Some more port closing questions
Date: Wed, 31 Jul 2002 14:55:25 +0200 (CEST)
On Wed, 31 Jul 2002 [EMAIL PROTECTED] wrote:
Hi,
From: Frank Copeland [EMAIL PROTECTED]
Subject: Re: Some more port closing questions
Date: Wed, 31
Hi,
From: Phillip Hofmeister [EMAIL PROTECTED]
Subject: Re: Some more port closing questions
Date: Wed, 31 Jul 2002 10:49:44 -0400
On Wed, 31 Jul 2002 at 09:25:40PM +0900, [EMAIL PROTECTED] wrote:
Perhaps update-rc.d or rcconf (as I posted earlier) can be used to get
the desired behavior --
Hi,
From: Javier Fernández-Sanguino Peña [EMAIL PROTECTED]
Subject: Re: Some more port closing questions
Date: Wed, 31 Jul 2002 15:00:51 +0200
On Wed, Jul 31, 2002 at 09:25:40PM +0900, [EMAIL PROTECTED] wrote:
I don't think that's what I want -- I want the software installed,
just not
Hi,
From: Karl E. Jorgensen [EMAIL PROTECTED]
Subject: Re: service enablement via mail and otp?
Date: Wed, 31 Jul 2002 13:47:16 +0100
On Wed, Jul 31, 2002 at 02:01:14PM +0200, Marcin Owsiany wrote:
On Wed, Jul 31, 2002 at 01:37:30PM +0900, [EMAIL PROTECTED] wrote:
Hi,
For some time,
Hi,
From: Ruben Porras [EMAIL PROTECTED]
Subject: Re: Some more port closing questions
Date: 30 Jul 2002 20:50:42 +0200
On Tue, 2002-07-30 at 19:09, Crawford Rainwater wrote:
Thanks to all on the Portsentry issue I had
a week ago.
Along those same lines, I have two ports I cannot
Hi,
From: Rick Moen [EMAIL PROTECTED]
Subject: Re: Some more port closing questions
Date: Tue, 30 Jul 2002 16:21:18 -0700
Quoting [EMAIL PROTECTED] ([EMAIL PROTECTED]):
Kind of off-topic here, but I've been wondering for a while [1] whether
the portmap package would be made to not install
Hi,
From: Dale Amon [EMAIL PROTECTED]
Subject: Re: Can you direct kernel messages?
Date: Tue, 23 Jul 2002 12:44:10 +0100
On Tue, Jul 23, 2002 at 06:13:46PM +0700, Jean Christophe ANDR?? wrote:
There is also direct console kernel loging.
You can reduce by using dmesg (man dmesg = -n
Hi,
From: Rolf Kutz [EMAIL PROTECTED]
Subject: Re: woody ssh update and PAM keyboard-interactive authentication won't
work.
Date: Sat, 6 Jul 2002 12:26:54 +0200
* Quoting Chuck Peters ([EMAIL PROTECTED]):
It doesn't appear as though this keyboard-interactive authentication is
Hi,
Thanks for the response.
From: Rolf Kutz [EMAIL PROTECTED]
Subject: Re: woody ssh update and PAM keyboard-interactive authentication won't
work.
Date: Sun, 7 Jul 2002 03:48:11 +0200
* Quoting [EMAIL PROTECTED] ([EMAIL PROTECTED]):
From: Rolf Kutz [EMAIL PROTECTED]
One Time
Hi,
From: Florian Weimer [EMAIL PROTECTED]
Subject: Re: CERT Advisory CA-2002-19 Buffer Overflow in Multiple DNS Resolver
Libraries
Date: Fri, 05 Jul 2002 12:20:06 +0200
[EMAIL PROTECTED] writes:
Ah, I see your in-depth post on Bugtraq now (-;
Hi,
I noticed a number of days back at ethereal's home page that a new
version (0.9.5) was released that has some security fixes since the
release of 0.9.4:
http://www.ethereal.com/appnotes/enpa-sa-5.html
I also noticed a 0.9.5 package in unstable (whose changelog.Debian.gz
file mentions
Hi,
Thanks for the comments.
Ah, I see your in-depth post on Bugtraq now (-;
http://msgs.securepoint.com/cgi-bin/get/bugtraq0207/39/1.html
From your Bugtraq post, I got the impression that since I haven't
changed the defaults in /etc/nsswitch.conf -- i.e. my networks: line
is:
networks:
[Trying again w/ an attempt to graft on to an existing thread.]
Hi,
I see a claim that glibc isn't vulnerable at:
http://www.kb.cert.org/CERT_WEB/vul-notes.nsf/id/AAMN-5BMSW2
Any comments?
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL
Hi,
I see a claim that glibc isn't vulnerable at:
http://www.kb.cert.org/CERT_WEB/vul-notes.nsf/id/AAMN-5BMSW2
Any comments?
(Sorry about breaking the thread -- I only just recently subscribed
and don't have the messages in this thread in my mailer)
--
To UNSUBSCRIBE, email to [EMAIL
25 matches
Mail list logo
