Re: Method for intrusion
Date: Sat, 03 May 2003 07:01:19 GMT
-----BEGIN PGP SIGNED MESSAGE-----
John Oliver wrote:
> ... but I would really like to be able to find the inital point of
> entry to make sure that other hosts on the same network aren't also
There have been a bunch of updates for Red Hat boxes.
just to name a very few.
That fact that this 'host probably hadn't been patched in a while' is quite
possibly the problem. I admin a public access RH 7.1 box and there has been a
bunch of updated packages. I would suggest taking a look at any packages that
didn't get installed that should have, that was an update related to security.
A "few" is an indefinitely small number that conveys a qualitative sense of a
quantity, but not quantitative fact.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
- [CLA-2003:798] Conectiva Security Announcement - gnupg
... way GnuPG deals with type 20 ElGamal sign+encrypt keys which allows ... This is a serious vulnerability with immediate impact: ... It is recommended that all GnuPG users upgrade their packages. ... Detailed instructions reagarding the use of apt and upgrade examples ...
- [CLA-2003:694] Conectiva Security Announcement - gnupg
... SUMMARY: GnuPG key validity vulnerability ... For Conectiva Linux 7.0 and 8, the GnuPG package has been updated to ... It is recommended that all GnuPG users upgrade their packages. ... Detailed instructions reagarding the use of apt and upgrade examples ...
- [Full-disclosure] [ MDKSA-2006:141 ] - Updated gnupg packages fix vulnerability
... Package: gnupg ... An integer overflow vulnerability was discovered in gnupg where an ... Updated packages have been patched to correct this issue. ... Mandriva Linux 2006.0/X86_64: ...
- Re: etch --> testing
... | matter is there any information about when a lenny freeze might happen? ... packages, desktop effects, etc. ... Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org ... To UNSUBSCRIBE, email to debian-user-REQUEST@xxxxxxxxxxxxxxxx with a subject of "unsubscribe". ...
- [Full-disclosure] [USN-170-1] gnupg vulnerability
... gnupg vulnerability ... Ubuntu 4.10 ... since the attack requires a huge amount of oracle answers ... The updated packages disable the quick check, ...