openSUSE Security May 2004

security@lists.opensuse.org

85 participants
72 discussions

severe security flaw in KDE <= 3.2.2, see http://www.kde.org/info/security/advisory-20040517-1.txt and http://www.heise.de/security/news/meldung/47451
by Mathias Homann 18 May '04

18 May '04

As said in Subject... http://www.heise.de/security/news/meldung/47451 and http://www.kde.org/info/security/advisory-20040517-1.txt advise to get updated packages asap. where are the updates for suse? bye, MH -- Die unaufgeforderte Zusendung einer Werbemail an Privatleute verstößt gegen §1 UWG und §823 I BGB (Beschluß des LG Berlin vom 2.8.1998 Az: 16 O 201/98). Jede kommerzielle Nutzung der übermittelten persönlichen Daten sowie deren Weitergabe an Dritte ist ausdrücklich untersagt!

2 1

cannot access ftp server -- getpeername (in.ftpd): Transport endpoint is not connected
by Matthias Hupp 17 May '04

17 May '04

Hello, maybe one of you can help me with this problem. I am posting it here because it seems to be caused by a security mechanism. The ftp server on a web/mail/inet-gateway machine I am taking care of can no longer be accessed, ever since one of the secretaries decided to switch it off and on again because she could not access her files on a Windows server. I have made some changes on the ipchains rules since then, but ftp is open on the internal interface. Anyway, access is possible neither from the LAN, nor from the machine itself when I am logged on via ssh. I get this message on the shell: *** # ftp localhost Trying ::1... ftp: connect to address ::1: Connection refused Trying 127.0.0.1... Connected to localhost. 421 Service not available, remote server has closed connection. *** and this turns up both in /var/log/warn and /var/log/messages: *** May 17 13:01:01 server in.ftpd[12726]: warning: can't get client address: Invalid argument May 17 13:01:01 server ftpd[12726]: getpeername (in.ftpd): Transport endpoint is not connected May 17 13:01:01 server inetd[813]: /usr/sbin/tcpd: exit status 0x1 May 17 13:01:01 server in.ftpd[12727]: warning: can't get client address: Invalid argument May 17 13:01:01 server ftpd[12727]: getpeername (in.ftpd): Transport endpoint is not connected May 17 13:01:01 server inetd[813]: /usr/sbin/tcpd: exit status 0x1 May 17 13:01:01 server in.ftpd[12728]: warning: can't get client address: Invalid argument May 17 13:01:01 server ftpd[12728]: getpeername (in.ftpd): Transport endpoint is not connected May 17 13:01:01 server inetd[813]: /usr/sbin/tcpd: exit status 0x1 May 17 13:01:01 server inetd[813]: ftp/tcp server failing (looping), service terminated *** ... repeated over and over again, with rising pids. Trying other ftp servers (by changing inetd.conf) resulted in the same, with in.ftpd changed to proftpd etc. BTW, the name of the machine is included in /etc/hosts. Have any of you had that problem? Please help, running out of time... Looking for old threads that included these error messages only turned up tons of hacking-related questions. Thank you! Matthias

2 1

Firewall Check
by Michael Rauter 17 May '04

17 May '04

Hi I've found an interesting Program to check firewalls. It demonstrates the ability to connect to internet via other programs which are allowed to connect. (Trojan Horses) Is it possible to block the program from accessing the internet via a stand-alone router ? http://www.pcinternetpatrol.com/downloads/pcaudit.exe Is this simply a program to panic users or is there a serious danger ? Regards Michael

5 7

OT: OpenPBS / GridEngine configuration on SuSE 9.0
by Simon Oliver 17 May '04

17 May '04

Sorry for the OT post (I did try the suse-linux-e list without any response) - I'm hoping someone here can help or knows where I can post this message and actually get a response. I'm trying to use OpenPBS on SuSE 9.0. I would like to use the SuSE configured version rather than a custom compile. Normally I check the README.SuSE (under /usr/share/doc/packages/) for a package before proceeding but in this case it's odd - it seems to be a tar file that contains two files: -rw-r--r-- nashif/users 2298 2002-07-29 00:09:00 SuSEconfig.pbs -rw-r--r-- nashif/users 1068 2002-08-04 15:42:55 pbsmom.init There are no instructions or documentation on how OpenPBS has been set up to run (as a server) on SuSE 9.0. There are configuration files in the /etc/sysconfig directory, but there is no documentation on what the variables do or what their effect is. I could try reading the init scripts but surely the relevant information is documented somewhere? /etc/sysconfig/pbs_server /etc/sysconfig/pbs_mom A similar problem exists for GridEngine. Please can you provide a link to the documentation, or any help in this regard? TIA -- Simon Oliver

1 0

Network Device Problem
by Robert Rottscholl 17 May '04

17 May '04

Dear List, I've a certain security problem. My SuSE 9.1 box has two network cards (ne2k-pci, sundance). I also run SuSEfirewall. Everytime my box starts the network devices are assigned to a different interface, e.g. 1. Boot: sundance -> eth0 ne2k-pci -> eth1 2. Boot: ne2k-pci -> eth0 sundance -> eth1 3. Boot: the other way round.... So sometimes my services (like bind, squid, vftpd) listen on the world devices (which is not wished) and sometimes they listen on the internal network interface (wished configuration). Now anyone can attack my services, because SuSEfirewall offers them to world outside. Does anybody know this bug/poblem? Greets Robert

2 1

online_update login problem
by Matt Jurcich 17 May '04

17 May '04

Hey all, I'm trying to get online_update working so I can set it up with cron to download patches automatically. I have documentation on how to do this. My issue is when I run online_update from the command prompt, it displays the product, and version, etc, then returns an error: Error retrieving patches: ERROR(Media:login failed) I checked my /etc/sysconfig/onlineupdate file and the correct login and password are in there. Running Online Update from YAST2 in graphical mode manually works just fine. I used the -D switch for debug mode and it didn't reveal any additional information, which I thought was odd. Thanks for any assistance on this one! -m --- matt jurcich, networkologist (IC) invisik corporation, for IT ingenuity

1 1

unsubscribme
by Marian la Rogers 16 May '04

16 May '04

1 0

SUSE backporting
by Matt Jurcich 16 May '04

16 May '04

Hey all, I've a SUSE Standard Server 8.0 and noticed the latest version of ssh that Online Update gives me is only 3.4.x ! The most recent out there is 3.7.x. What gives? Shouldn't these be up to date, especially as I'm on maintainence and am regularly updating from the SUSE server through Online Update in YAST? Thanks much... -m --- matt jurcich, networkologist (IC) invisik corporation, for IT ingenuity

4 4

Why is passwd truncating passwords
by Arjen Runsink 14 May '04

14 May '04

Hi, Following is in /etc/security/pam_pwcheck.conf password: blowfish nullok Manual says it will truncate at 97 or so chars. So why does passwd truncate at 8????? Verified on 2 systems, and seen by others. BB, Arjen

3 7

YOU 9.1 SuSEfirewall attention please
by Frank Stuehmer 14 May '04

14 May '04

Hello list, I've just performed an online update for SuSEfirewall2 on Suse 9.1. Personal settings was before update FW_MASQ_NETS="\ 192.168.100.0/24,0,0,tcp,22 \ 192.168.100.0/24,0,0,tcp,25" after update FW_MASQ_NETS="\ ## Type: yesno ## Default: yes 192.168.100.0/24,0,0,tcp,22 \ 192.168.100.0/24,0,0,tcp,25" If you try to restart SuSEfirewall2 it fails (of course). Next machine I will edit the file before restart firewall. Frank

3 2

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

2001

2000

1999

1998

1997

1996

openSUSE Security May 2004