Marc Barrot: security

Sendmail Security Alert

Mon, 03 Mar 2003 18:13:00 GMT

Received another security notice from RedHat this afternoon:

During a code audit of Sendmail by ISS, a critical vulnerability was uncovered that affects unpatched versions of Sendmail prior to version 8.12.8. A remote attacker can send a carefully crafted email message which, when processed by sendmail, causes arbitrary code to be executed as root.

[read more]

Vulnerability In Redhat's glibc

Fri, 04 Oct 2002 17:38:04 GMT

From the latest RHN alert: ... A read buffer overflow vulnerability exists in the glibc resolver code in versions of glibc up to and including 2.2.5. The vulnerability is triggered by DNS packets larger than 1024 bytes and can cause applications to crash. [read more]

Securing Linux: Why It's Worthwhile and Achievable

Fri, 04 Oct 2002 16:17:22 GMT

Michael Bauer, author of Building Secure Servers with Linux, explains some of the reasons why it's both possible and worthwhile to secure Linux for use as an Internet server platform. [an O'Reilly Network Article]

A Visit To Amanda

Wed, 25 Sep 2002 19:35:24 GMT

Æleen Frisch: Top Five Open Source Packages for System Administrators - Number 5 [in O'Reilly Network's Newsletter].

Site Logging And Monitoring

Fri, 06 Sep 2002 17:22:34 GMT

Thanks to Jon Udell for reminding me what "slam" stands for :-) [read more]

Sat, 03 Aug 2002 16:04:54 GMT

Apple releases Security Update 2002-08-02. [read more]

Apache mod_ssl and openSSH Update For MacOS X

Sat, 29 Jun 2002 04:29:45 GMT

I've just installed the Security Update, July 2002 edition on my MacOS X machines after reading this [read more]

So Long, And Thanks For All The Passwords

Fri, 14 Jun 2002 04:02:38 GMT

This catchy phrase is printed on the cool openBSD t-shirt I got at the expo. [read more]

Honeypots and Honeynets

Thu, 13 Jun 2002 22:47:11 GMT

[img] in Yesterday's tutorial, Marcus Ranum presented the latest data on the cracker population, as gathered by the honeynet group, and, while talking way too fast for a presentation, made a good case for honeypots as tools for intrusion detection. [read more]

Mail Sending Mistakes

Thu, 13 Jun 2002 22:14:43 GMT

A follow up on David Blank-Edelman Perl for System Administration tutorial on Tuesday. [read more]

Monitoring Security

Tue, 11 Jun 2002 16:02:38 GMT

Here our some ground rules when using SNMP and client server tools to monitor systems and network devices [read more]

Host Resources MIB

Mon, 10 Jun 2002 16:26:22 GMT

RFC 1514 defines a Management Information Base for host systems.

Live From Usenix Tutorial Sessions

Mon, 10 Jun 2002 18:56:09 GMT

The wireless connection just came up in our meeting room. I'm currently attending John Sellens' System And Network Monitoring tutorial [read more]

PHP Security Revisited

Thu, 18 Apr 2002 15:14:10 GMT

Catching up on Martin Heller's PHP Revisited column on Byte.com, I've just realised I am responsible for a site with public Internet exposure and PHP 4.1.1 for Windows [read more]

Office X Combined Updater 10.0.3

Wed, 17 Apr 2002 23:31:56 GMT

Today is update day on "slam". [read more]

MacOS X 10.1.4 Upgrade

Wed, 17 Apr 2002 23:08:29 GMT

Apple does slightly better than Microsoft in their system update description:

Security Update: -- BSD-based TCP/IP connections now check and block broadcast or multicast IP destination addresses.

Among other things, version 10.1 [read more]

Internet Explorer 5.1.4 Update

Wed, 17 Apr 2002 23:01:29 GMT

Microsoft really needs to work on their update descriptions, especially when security issues are involved. [read more]

SOAP::Lite Updated

Tue, 16 Apr 2002 13:52:18 GMT

Good news while checking my email this morning, Paul Kulchenko 's notice that a new 0.55 version of SOAP::Lite is available for download, both in Unix [read more]

Securing SOAP::Lite - Addendum

Thu, 11 Apr 2002 20:35:07 GMT

In my far from expert opinion, securing the open() call in HTTP::Daemon::ClientConn::sendfile would make for a more secure SOAP::Lite module. [read more]

SOAP::Lite::Paul_Strikes_Back()

Thu, 11 Apr 2002 01:09:51 GMT

Dave directed my attention to Paul Kulchenko's answer to the full package name traversal explo [read more]

SOAP::Lite Exploit - continued

Wed, 10 Apr 2002 22:36:05 GMT

[img] I took time this afternoon to read the SOAP::Lite exploit [read more]

SOAP::Lite Vulnerability Issue

Tue, 09 Apr 2002 18:00:50 GMT

I don't have time to check this exploit, but if the issue described below is verified, Perl web services are in a world of hurt :

IlyaM writes "About four months ago there was Phrack article named RPC without borders which describes quite [read more]

MacOS X security update includes openSSH 3.1

Fri, 05 Apr 2002 14:35:15 GMT

Apple Security Update released for Mac OS X. [read more]

Aqua interface to syslog.conf

Wed, 13 Mar 2002 11:39:01 GMT

Syslog Gen X 1.0. [read more]

Race condition in GNU FileUtils

Tue, 12 Mar 2002 18:04:30 GMT

Race condition in various utilities from fileutils GNU package may cause root user to delete the whole filesystem. [read more]

Updated RedHat 7.2 rpms

Tue, 12 Mar 2002 00:25:06 GMT

A number of important updates to RedHat Linux 7.2 were released between last Friday and today: binutils vs. [read more]

Fri, 08 Mar 2002 15:06:49 GMT

OpenSSH Alert !

LinuxSecurity: "A bug exists in the channel code of OpenSSH versions 2.0 - 3.0.2 Users with an existing user account can abuse this bu [read more]

Thu, 07 Mar 2002 21:05:11 GMT

Network sniffers are always bad news

SwitchSniff. [read more]