Ficaa no seu canto pois vc nao e homem nem de mostrar a cara..
FILHO DA PUTA
Versão Imprimível
Ficaa no seu canto pois vc nao e homem nem de mostrar a cara..
FILHO DA PUTA
Estou mandando isso para o filho da PUTA do Anonimo que esta provocando o hacker .
Fica no seu canto se nao o bicho vai pegar para tu . <IMG SRC="images/forum/icons/icon_mad.gif">
Peço a todos os usuário de Linux(não importa a distro), não vale a pena dar ouvidos a um carinha que se intitula de HACKER. ele usa RH pois sem os scripts ele não sabe sobreviver. Aposto que sem o sndconfig, ele não sabe carregar o módulo da pl. Som dele. Hacker vai hackear seu Windows seu idiota !!!
<TABLE BORDER=0 ALIGN=CENTER WIDTH=85%><TR><TD><font size=-1>Quote:</font><HR></TD></TR><TR><TD><FONT SIZE=-1><BLOCKQUOTE>
On 2003-05-23 15:38, Hacker wrote:
1. Slackware: bitchx multiple vulnerabilities
[slackware-security] BitchX security fixes (SSA:2003-141-02)
New BitchX packages are available to fix security problems found
by Timo Sirainen. BitchX is an IRC (Internet Relay Chat) client.
Under certain circumstances, a malicious IRC server could cause
BitchX to crash, or possibly to run arbitrary code as the user
running BitchX.
All sites running BitchX are advised to upgrade.
More information on the problem can be found here:
Here are the details from the Slackware 9.0 ChangeLog:
+--------------------------+
Tue May 20 20:13:09 PDT 2003
patches/packages/bitchx-1.0c19-i386-3.tgz: Patched several potential "evil
server" security problems noted by Timo Sirainen.
(* Security fix *)
+--------------------------+
Details at: <a href="http://www.linuxsecurity.com/advisor...ory-3284.html" target="_blank" target="_new">http://www.linuxsecurity.com/advisor...-3284.html</a>
2. Slackware: epic4 multiple vulnerabilities
[slackware-security] EPIC4 security fixes (SSA:2003-141-01)
New EPIC4 packages are available to fix security problems found
by Timo Sirainen. EPIC4 is an IRC (Internet Relay Chat) client.
Under certain circumstances, a malicious IRC server could cause
EPIC4 to crash, or possibly to run arbitrary code as the user
running EPIC4.
All sites running EPIC4 are advised to upgrade.
More information on the problem can be found here:
Here are the details from the Slackware 9.0 ChangeLog:
+--------------------------+
Tue May 20 20:13:09 PDT 2003
patches/packages/epic4-1.0.1-i386-3.tgz: Patched a buffer overflow in ctcp.c.
(* Security fix *)
+--------------------------+
Details at: <a href="http://www.linuxsecurity.com/advisor...ory-3283.html" target="_blank" target="_new">http://www.linuxsecurity.com/advisor...-3283.html</a>
3. Slackware: glibc buffer overflow vulnerability
[slackware-security] glibc XDR overflow fix (SSA:2003-141-03)
An integer overflow in the xdrmem_getbytes() function found in the glibc
library has been fixed. This could allow a remote attacker to execute
arbitrary code by exploiting RPC service that use xdrmem_getbytes(). None of
the default RPC services provided by Slackware appear to use this function,
but third-party applications may make use of it.
We recommend upgrading to these new glibc packages.
Here are the details from the Slackware 9.0 ChangeLog:
+--------------------------+
Tue May 20 20:13:09 PDT 2003
patches/packages/glibc-2.3.1-i386-4.tgz: Patched, recompiled.
(* Security fix *)
patches/packages/glibc-debug-2.3.1-i386-4.tgz: Patched, recompiled.
(* Security fix *)
patches/packages/glibc-i18n-2.3.1-noarch-4.tgz: Rebuilt.
patches/packages/glibc-profile-2.3.1-i386-4.tgz: Patched, recompiled.
(* Security fix *)
patches/packages/glibc-solibs-2.3.1-i386-4.tgz: Patched a buffer overflow in
some dead code (xdrmem_getbytes(), which we couldnt find used by anything,
but it doesnt hurt to patch it anyway)
(* Security fix *)
patches/packages/glibc-zoneinfo-2.3.1-noarch-4.tgz: Rebuilt.
+--------------------------+
Details at: <a href="http://www.linuxsecurity.com/advisor...ory-3285.html" target="_blank" target="_new">http://www.linuxsecurity.com/advisor...-3285.html</a>
4. Slackware: mod_ssl timing based attack vulnerability
[slackware-security] mod_ssl RSA blinding fixes (SSA:2003-141-05)
An upgrade for mod_ssl to version 2.8.14_1.3.27 is now available.
This version provides RSA blinding by default which prevents an
extended timing analysis from revealing details of the secret key
to an attacker. Note that this problem was already fixed within
OpenSSL, so this is a "double fix". With this package, mod_ssl
is secured even if OpenSSL is not.
We recommend sites using mod_ssl upgrade to this new package.
Here are the details from the Slackware 9.0 ChangeLog:
+--------------------------+
Tue May 20 20:13:09 PDT 2003
patches/packages/mod_ssl-2.8.14_1.3.27-i386-1.tgz: Upgraded to
mod_ssl-2.8.14_1.3.27. Includes RSA blinding fixes.
(* Security fix *)
+--------------------------+
Details at: <a href="http://www.linuxsecurity.com/advisor...ory-3287.html" target="_blank" target="_new">http://www.linuxsecurity.com/advisor...-3287.html</a>
5. Slackware: quotacheck vulnerability
Advisories: Slackware 5/22/2003 9:49
[slackware-security] quotacheck security fix in rc.M (SSA:2003-141-06)
An upgraded sysvinit package is available which fixes a problem with
the use of quotacheck in /etc/rc.d/rc.M. The original version of
rc.M calls quotacheck like this:
echo "Checking filesystem quotas: /sbin/quotacheck -avugM"
/sbin/quotacheck -avugM
The M option is wrong. This causes the filesystem to be remounted,
and in the process any mount flags such as nosuid, nodev, noexec,
and the like, will be reset. The correct option to use here is m,
which does not attempt to remount the partition:
echo "Checking filesystem quotas: /sbin/quotacheck -avugm"
/sbin/quotacheck -avugm
We recommend sites using file system quotas upgrade to this new package,
or edit /etc/rc.d/rc.M accordingly.
Here are the details from the Slackware 9.0 ChangeLog:
+--------------------------+
Tue May 20 20:13:09 PDT 2003
patches/packages/sysvinit-2.84-i386-26.tgz: Use option M, not m, for
quotacheck.
Otherwise, the partition might be remounted losing flags like nosuid,nodev,
noexec. Thanks to Jem Berkes for pointing this out.
(* Security fix *)
+--------------------------+
Details at: <a href="http://www.linuxsecurity.com/advisor...ory-3288.html" target="_blank" target="_new">http://www.linuxsecurity.com/advisor...-3288.html</a>
</BLOCKQUOTE></FONT></TD></TR><TR><TD><HR></TD></TR></TABLE>
O Savio tu fica de olho aberto comigo que tenho certeza que e vc . <IMG SRC="images/forum/icons/icon_mad.gif">
E ae cadu...
sério mesmo... não fiu eu..... eu estava na faculdade de manhã tendo aula de metodologia cientifica sem chance!!, mais valeu da próxima vez vc conssegue!!!
abraços
Savio..