Eirik Øverby [EMAIL PROTECTED] writes:
I have a FreeBSD based firewall (pfsense) and, behind it, a few dozen
FreeBSD servers. Now we're required to run external security scans
(nessus++) on some of the hosts, and they constantly come back with a
high or medium severity problem: The host
On Nov 23 17:03:15, Eirik Øverby wrote:
I have a FreeBSD based firewall (pfsense) and, behind it, a few dozen
FreeBSD servers. Now we're required to run external security scans
(nessus++) on some of the hosts, and they constantly come back with a
high or medium severity problem: The host
On Monday 24 November 2008, Eygene Ryabinkin wrote:
Anish, good day.
That's fine, thanks. But yesterday I had sent a patch that fixes
the vulnerabilities for 2.8.2. What do you think about it? Could
you test the patch? The VuXML entry details depend on this: I
wrote that hplip = 2.8.4
Submitter-Id: current-users
Originator: Eygene Ryabinkin
Organization: Code Labs
Confidential: no
Synopsis: [vuxml] editors/vim: document netrw issues
Severity: serious
Priority: medium
Category: ports
Class: sw-bug
Release: FreeBSD 7.1-PRERELEASE i386
Synopsis: [patch] [vuxml] graphics/imlib2: fix CVE-2008-5187
State-Changed-From-To: open-closed
State-Changed-By: stas
State-Changed-When: Mon Nov 24 17:50:36 UTC 2008
State-Changed-Why:
Committed, with minor changes. Thanks!
http://www.freebsd.org/cgi/query-pr.cgi?pr=129037
| By FreeBSD Security Advisories [EMAIL PROTECTED]
| [ 2008-11-24 19:48 +0200 ]
III. Impact
All security-related kernel subsystems that rely on a quality random
number generator are subject to a wide range of possible attacks for the
300 seconds after
Upon reading this, my first question was whether the weakness applies to
the random numbers supplied by /dev/random. If it does, then userspace has
been getting non-random values, and things like PGP and SSH keys could be
compromised. It might be good for secteam to clarify this, IMHO.
On
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
=
FreeBSD-SA-08.11.arc4random Security Advisory
The FreeBSD Project
Topic:
2008/11/24 [EMAIL PROTECTED]:
Synopsis: [patch] [vuxml] graphics/imlib2: fix CVE-2008-5187
State-Changed-From-To: open-closed
State-Changed-By: stas
State-Changed-When: Mon Nov 24 17:50:36 UTC 2008
State-Changed-Why:
Committed, with minor changes. Thanks!
I can see no need for this on the
2008/11/23 [EMAIL PROTECTED]:
Synopsis: [vuxml] [patch] update audio/streamripper to 1.64.0, fix
CVE-2008-4829
Can we not have these on the freebsd-security list please? I
subscribe to freebsd-security to get security alerts, not to get
emails every time a port is changed.
William Palfreman
On Nov 23, 2008, at 18:52, Pieter de Boer wrote:
Eirik Øverby wrote:
I have a FreeBSD based firewall (pfsense) and, behind it, a few
dozen FreeBSD servers. Now we're required to run external security
scans (nessus++) on some of the hosts, and they constantly come
back with a high or
Hi Eirik,
Perform the nmap scan and look at the tcpdump output to see how your
firewall and/or server react.
nmap command:
nmap -PN -sT --scanflags SYNFIN -pport anduin.net
where port was either 80 (open) or 8585 (closed).
tcpdump command on firewall (which NATs to internal IPs):
tcpdump -i
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Mon, 24 Nov 2008 10:07:18 -0800 (PST)
Nate Eldredge [EMAIL PROTECTED] mentioned:
Upon reading this, my first question was whether the weakness applies to
the random numbers supplied by /dev/random. If it does, then userspace has
been getting
On 11/24/08 19:55, William Palfreman wrote:
2008/11/23 [EMAIL PROTECTED]:
Synopsis: [vuxml] [patch] update audio/streamripper to 1.64.0, fix
CVE-2008-4829
Can we not have these on the freebsd-security list please? I
subscribe to freebsd-security to get security alerts, not to get
emails
On Mon, Nov 24, 2008 at 11:06:56PM +0100, William Palfreman wrote:
That's nice. I am sure it is very useful on the ports mailinglist
where it belongs. I also greatly enjoy the frequent interesting and
informed discussion on the security mailinglist - of which Eirik
Overby's thread recently
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
You should better head over to security-advisories@ if you're only
interested in SA's. Claiming about reading security related issues on a
security mailing list sounds like fun.
I appreciate Eygenes' work.
I also appreciate this work, but I
On Mon, 24 Nov 2008 10:07:18 -0800 (PST)
Nate Eldredge [EMAIL PROTECTED] wrote:
Upon reading this, my first question was whether the weakness applies
to the random numbers supplied by /dev/random. If it does, then
userspace has been getting non-random values, and things like PGP and
SSH keys
On Mon, Nov 24, 2008 at 5:06 PM, William Palfreman [EMAIL PROTECTED] wrote:
2008/11/24 Volker [EMAIL PROTECTED]:
On 11/24/08 19:55, William Palfreman wrote:
2008/11/23 [EMAIL PROTECTED]:
Synopsis: [vuxml] [patch] update audio/streamripper to 1.64.0, fix
CVE-2008-4829
Can we not have
William, everyone, good day.
Mon, Nov 24, 2008 at 08:05:26PM +0100, William Palfreman wrote:
2008/11/24 [EMAIL PROTECTED]:
Synopsis: [patch] [vuxml] graphics/imlib2: fix CVE-2008-5187
State-Changed-From-To: open-closed
State-Changed-By: stas
State-Changed-When: Mon Nov 24 17:50:36 UTC