CentOS using yum to update Exim. Exim is configured to not allow remote connections using the local_interfaces config option.My old version was 4.63-5.el5_5.2 and after using:
yum update exim
Exim user can get owned by a remote exploit [URL].. I was running Exim 4.63 5.el5_5.1 on CentOS 5.5 x86_64 and my Exim user got owned by that exploit.
Now I ran yum update and exim updated to 4.63 5.el5_5.2 I cannot find anywhere if this updated fixes the exploit.
Exim: Is there away to block command when someone telnets to exim's port? Email won't send out unless they authenticate, but if there a way to total block them from typing all together, but still allow the server to receive email? IE, to block this:
[Code]...
I installed CentOS 3 and during the installation, I configured the disks using 'software RAID'. Then I installed my /data partion on /dev/md0. Everything seemed fine however I install a extremely bare installation of CentOS 5.3. I don't select any packages during the install process which includes anything under the 'base' package software selection. I then noticed that because I configured my system with 'software RAID', it found 'mdadm' as a dependency package and installed 'mdadm' however this also then grabbed 'exim-mta' package so now I have 1/2 a mail server installed simply because I have software RAID on my box. I am not permitted to have anything beyond 'Postfix' MTA on my LAN. I don't want Postfix any ways on this machine so is there a way I can install CentOS 5.3 cleanly w/o packages I don't want or need? I am sure I can 'yum remove exim' and that in turn will remove 'exim & mdadm' from my machine however I would like to start fresh.
View 1 Replies View RelatedMy mythbuntu 10.10 system including its lirc managed remote control has been working fine.I've recently done some updates (see below) and now the remote doesn't work correctly (only some of its keys seem to work). I suspect that lirc is no longer managing the remote and now instead the remote is now being treated like a keyboard.How do I get lirc managing my remote control correctly again,Before the updates the kernel was:
Code:
$ uname -a
Linux pvr 2.6.35-28-generic-pae #50-Ubuntu SMP Fri Mar 18 20:43:15 UTC 2011 i686 GNU/Linux
[code].....
There have been no updates recently (for almost two months) on any of my CentOS 5.5 boxes when I run 'yum check-update'. I may be misunderstanding the repo setup, but looking at the file mod dates, it seems that there hasn't been an update since 2011-01-06:[URL]...Meanwhile, a prominent North American Enterprise Linux vendor has had multiple security and bug fixes since then:[URl]...Is CentOS 5.5 still getting updated, or am I missing something (quite possible).
View 12 Replies View RelatedI did a yum update to install quite a few updates to my Centos 5.3 x86_64 system. Updates included kernel and xen which required a reboot. It must be a month or so since I last updated. The updates seemed to go fine - but when the machine restarts it goes through the bios screens which seem to detect all the hard drives etc - but then the word "Grub" appears at the bottom of the bios screen - and the system hangs. It doesn't appear to respond to keyboard input. The system is using linux raid in case that is relevant.
I am able to boot a centos5.2 live CD and look at the Logical volumes - and all appears in order to my untrained eye. I have also mounted the /dev/mdo as /tmp/bootx (boot volume) and had a quick look at /tmp/bootx/grub/grub.conf and /tmp/bootx/grub/device.map and again - I can't spot any obvious problem. I note that before the updates - my default boot was "1" and now it is "0" though this appears reasonable because the xen and non-xen images seem to be listed in the opposite order to earlier updates. I have set it to boot non-xen by default - and this has always worked in the past.
I realise that the recent updates may be a coincidence - and whatever is wrong may have occurred earlier. I cannot think of anything I have done which could have broken grub though. I can probably restore my boot volume to the state it was before the updates. I should have a backup from this morning - as luck would have it. Is this a safe thing to do - or do I need to restore both boot and root to keep them consistent. I would prefer not to restore the root system unless I have to - as this would cause some data loss. However I need advice as to whether yum and other things will get confused if the boot volume is restored in isolation.
I am running FTP server using vsftpd 2.0.5-12 on Centos 5.3 64bit with default settings, annonymous access enabled. Each night new files are created and moved into a FTP subdirectory (/var/ftp/spectra) by a script. The files are owned by a local user/group, not root, and the same holds for the /var/ftp/spectra subdirectory. The new files are not visible via FTP. Only visible are files that were created the same day when I made the directory /var/ftp/spectra. Also files that are created "in place", e.g. by vi, are visible until I change their owner/group. This is the situation when vsftpd is runned as a system service (/etc/init.d/vsftpd start).
When I start the vsftpd directly using the command /usr/sbin/vsftpd (both without or with the configuration file specified), all files are visible and normally accessible via FTP.
i have a dell inspiron 1764 windows 7. it will connect wirelessly fine on windows 7 side but when i boot to ubuntu cant detect network or anything. what do i need to do.
View 3 Replies View RelatedI'm running on 11.04 on my Dell Inspiron 1764, and so far haven't been able to achieve internet access through either a direct wired connection or wireless.
Wireless network controller: Broadcom BCM4312 802.11b/g LP-PHY (rev 01)
Ethernet controller: Realtek RTL8101E/RTL8102E PCI Express Fast Ethernet controller (rev 02)
Fixes I've tried so far:
Wired - Attempted to install the r8168 driver and remove the r8169 driver as is done in this thread:
url
Wireless - managed a fleeting wired connection yesterday, during which time I installed the Broadcom STA driver through Additional Drivers.
Also attempted to install the firmware-b43-lpphy-installer, following these instructions:
url
but to no avail (under Synaptic Package Manager, the firmware-b43-lpphy-installer still remains unchecked after I install it through terminal)
I've heard of attacks using PDF files on Windows with Adobe Acrobat and Foxit Reader. Is Linux vulnerable to these attacks when using the default PDF viewers in KDE or Gnome or even xpdf? What is a good PDF scanner to determine if a PDF file is evil?
View 2 Replies View RelatedDan Rosenberg has issued another Linux Kernel Exploit with PoC described in LWN [URL] I have tested that this exploit is not working on -Current (custom kernel, 2.6.36.1), which is good sign that Slackware is already immune of those problems.
View 12 Replies View RelatedMy laptop is beginning to show its age so it may be time for a new PC soon, and most likely it'll come with Windows 7 preloaded. I currently run a dual boot with Lucid and Windows XP, and although I hardly use XP anymore I would repeat this configuration on the new PC. So now I'm wondering if Windows 7 is any less vulnerable to viruses and malware than its earlier predecessors because I don't plan to renew any virus checking software that may come with it.
View 9 Replies View RelatedI was just wondering wether a directory (I know thats just a special file) could be a security problem, as they have execute permissions? Could an exploit be attached to a directory. Has this ever happened?
View 1 Replies View RelatedI installed lampserver and took measures to see that apache would only serve 127.0.0.1 (Which appears to be a software switch as ipconfig says it's port is still "Open")
Mysql however, could be vulnerable: Do I need to secure it or does it only serve localhost? If so, how do I secure it?
In the wake of all of the stories about the Windows DLL hijacking bug, it appears that certain Linux distributions may be vulnerable to a similar problem related to the way that Linux handles a specific variable in some cases. The bug apparently was introduced via a Debian patch last year.The discussion on the possible bug in Linux began with a blog post by Tim Brown, a UK-based security researcher, who detailed a specific case in which Linux could be vulnerable to an attack similar to those designed to exploit the Windows DLL bug. The post spawned a related discussion on the Full-Disclosure mailing list, in which several others confirmed that they'd seen the problematic behavior in certain Linux distributions, including Fedora, Ubuntu and Debian.
View 1 Replies View RelatedI've got a user getting heavily spammed but other users on the same domain are fine, it all started last night here's some info...
-rwsr-xr-x 1 root root 700492 Jun 8 18:18 exploit
I've got loads of these in 'top'
5975 dovecot 15 0 3712 1712 1432 S 0.0 0.2 0:00.00 imap-login
and these in ps dovecot
dovecot 5250 5533 0 13:05 ? 00:00:00 pop3-login
root 5533 1 0 11:21 ? 00:00:00 /usr/sbin/dovecot
root 5534 5533 0 11:21 ? 00:00:00 dovecot-auth
dovecot 5663 5533 0 12:15 ? 00:00:00 pop3-login
ps exim i've got
Code:
mail 19725 32303 0 15:03 ? 00:00:00 /usr/sbin/exim -bd -q15m -oP /var/run/exim.pid
mail 19732 19725 0 15:03 ? 00:00:00 [exim] <defunct>
mail 20142 19725 0 15:03 ? 00:00:00 [exim] <defunct>
[code]....
I am a student taking part in a comptition. We have a set of questions to complete within today. Can anyone please help me out with it. I have a custom written "echo" program in C, running on port number "1220" which echoes back the first 16 characters of whatever is given as the first command line argument. But somehow, my brother had got unauthorized remote root access. The program is given below. How did he do it? Please give the exploit code and explain how it works.
#include
#include
void echo(char* input) {
[code]....
Is Linux vulnerable to Java drive-by exploits? Another computer I run on windows 7 just notified me that it was infected through Java, and I'm wondering if my Linux box (ubuntu 10) with Java installed is vulnerable.
View 1 Replies View RelatedI have been reading about this new Firefox extension that can grab Twitter account information of computers connected to unprotected networks. Info: url
I occasionally have to connect to public, unprotected, WiFi networks and use Twitter via Gwibber. So, here is my question: is Gwibber vulnerable to Firesheep in an unprotected network? Is there a way of protecting it from this attacks? (I know that using https stops Firesheep attacks to the web version of Gwibber, but i don't think if this method is possible or applicable to Gwibber)
I've been looking awhile now, but no patch for this is yet to be found. Does anyone have more info, or better, a fix? Last version from GNU's ftp server is also vuln as of this writing.
View 3 Replies View RelatedA researcher at security firm Alert Logic has published code that could be used to compromise some versions of Google's Android Operating System. The exploit, if properly adapted, could make Android phones vulnerable to remote attacks and compromises.
View 2 Replies View RelatedIm just trying to do my tax for this year using etax through wine on ubuntu 11.04. It seemed to install correctly and starts up through the shortcut as normal. I can fill out my details and proceed through a few different screens till i get to the "Rollover Function" screen (about 8th or 9th). Then no matter what i press, YES or NO, it does nothing. I can not get it to next screen to start filling out income details etc.
View 1 Replies View RelatedI've updated everything and if I could just get some audio it would make my birthday a ton better
View 1 Replies View RelatedThis is the first version that supports 64bit and ARM in addition the the 32 bit. Should be very interesting. [URL]
View 8 Replies View RelatedI have two Centos 5 servers one running Asterisk with PHP installed and another sever running as a MySql Database server, at the moment when I try run simple script to see if I can connect to the remote server I get the following error.Quote:Can't connect to local MySQL server through socket '/var/lib/mysql/mysql.sock' (2)
View 2 Replies View RelatedI've scanned my computer (I'm using Ubuntu 8.04 Hardy Heron) and ClamAV has issued it has found a virus called Exploit.PDF-9669. What seems strange to me is that such a warning always happens (or, at least, in the most cases) in the same folder tree "sys" and ClamAV issues the very same virus/malware warning (Exploit.PDF-9669).
An example:
sys/devices/virtual/vtconsole/vtcon0/uevent: Exploit.PDF-9669 FOUND
sys/devices/virtual/net/ppp0/address: Exploit.PDF-9669 FOUND
sys/devices/virtual/net/ppp0/broadcast: Exploit.PDF-9669 FOUND
sys/devices/LNXSYSTM:00/device:00/uevent: Exploit.PDF-9669 FOUND
My ClamAV version is 0.94.2/10275/Fri Jan 8 22:06:46 2010. It has been not updated since I installed Hardy in my computer last year. Is my computer in danger?
I read this morning that MicroSoft and Adobe Flash released a huge security update to counter the threat of malicious apps taking over systems. Included in the fix was Excel spreadsheets. Apparently a hacker could send a spreadsheet that if opened could remotely take over your machine. I opened my update manager and there was a sizable Open Office and Java update.
Question: Are Linux/Ubuntu machines susceptible to the security flaws?
Question: Since Adobe Flash is considered proprietary and not updated through the Ubuntu update manager, do I have to manually update that package?
how to install pess 2011 on natty narwhal.?
View 1 Replies View Relatedi've been using Linux for a couple of years it's always been Ubuntu/Kubuntu/Mint environments which i can just about find my way arround in.Because i wanted to try something new and was unhappy with the last development in Ubuntu i've looked arround and decided to try my luck with a KDE based distro, Pardus came accross well in the reviews.So, i'm now in Pardus but can't find my "trusted newsreader (binaries/nzb's)" PAN in the repo's.To be honest i can't find an awefull lot in the repo's, i have tried adding a couple of German based repositories but dissapointingly still no Pan.
Google, normally a mine of information has let me down aswell, so now i'm asking the Linux community for a little shared wisdom.If anyone could shed a little light for me, i'd be really gratefull - especially if you'd be kind enough point out how to install Pan if it can be found.Pretty shamefull when you realise just how little you really know when stepping out of the comfort zone.