最新版はこちら。 突っ込みは各日付の BBS エントリのほか、 メール (nakano@st.seikei.ac.jp) や フォーム からどうぞ。 なおスパム除けのため、BBS 機能には 緩い認証を入れて います。 検索エンジンから来た方は、エンジンの方のキャッシュを見るか、 下の簡易検索を試してみてください。
|
Namazu for hns による簡易全文検索 詳しくは 詳細指定/ヘルプを参照して下さい |
||||||||||||||||||||||||||||||||||||||||||||||||||
# /etc/init.d/pcmcia start Starting PCMCIA services: cardmgr[22343]: no pcmcia driver in /proc/devices /lib/modules/2.4.18/pcmcia/ds.o: init_module: Operation not permitted /lib/modules/2.4.18/pcmcia/ds.o: insmod /lib/modules/2.4.18/pcmcia/ds.o failed /lib/modules/2.4.18/pcmcia/ds.o: insmod ds failed Hint: insmod errors can be caused by incorrect module parameters, including invalid IO or IRQ parameters done.で駄目。とりあえず 3.1.33-7 に戻した。 ds.o は orinoco_cs.o から呼んでるのか。ふむー。 まあカーネルの 2.4.19 が出たあたりでもっぺんやってみますか。
Changes: This release fixes a theoretical buffer overflow in a part of the code that is not used by any configuration shipped with Sendmail. It affects the DNS map if it is used with the type TXT and a compromised or rogue DNS server is queried. If you use a custom DNS map definition to query DNS TXT records, such as "Kdnstxt dns -R TXT", then you should upgrade. Some other changes were also made.
The ISS recently discovered a vulnerability within the "challenge-response" authentication mechanism in the OpenSSH daemon (sshd). This mechanism, part of the SSH2 protocol, verifies a user's identity by generating a challenge and forcing the user to supply a number of responses. It is possible for a remote attacker to send a specially-crafted reply that triggers an overflow. This can result in a remote denial of service attack on the OpenSSH daemon or a complete remote compromise. The OpenSSH daemon runs with superuser privilege, so remote attackers can gain superuser access by exploiting this vulnerability. OpenSSH supports the SKEY and BSD_AUTH authentication options. These are compile-time options. At least one of these options must be enabled before the OpenSSH binaries are compiled for the vulnerable condition to be present.ということは ssh2 プロトコル使わなきゃいいのか?
A man would do nothing if he waited until he could do it so well that no one could find fault.
--John H. Newman (1801-90)