From owner-freebsd-hubs@FreeBSD.ORG Wed Dec 3 16:55:32 2003 Return-Path: Delivered-To: freebsd-hubs@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0A78E16A4CE for ; Wed, 3 Dec 2003 16:55:32 -0800 (PST) Received: from farside.isc.org (farside.isc.org [204.152.187.5]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5363943FBF for ; Wed, 3 Dec 2003 16:55:31 -0800 (PST) (envelope-from Peter_Losher@isc.org) Received: from dhcp-186.sql1.isc.org (dhcp-186.sql1.isc.org [204.152.187.186]) (using TLSv1 with cipher RC4-MD5 (128/128 bits)) (No client certificate requested) by farside.isc.org (Postfix) with ESMTP id 151C7A85C for ; Thu, 4 Dec 2003 00:55:31 +0000 (UTC) (envelope-from Peter_Losher@isc.org) From: Peter Losher Organization: ISC To: hubs@freebsd.org Date: Wed, 3 Dec 2003 16:55:30 -0800 User-Agent: KMail/1.5.3 References: <20031204004744.GA1040@ncsa.uiuc.edu> In-Reply-To: <20031204004744.GA1040@ncsa.uiuc.edu> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200312031655.30453.Peter_Losher@isc.org> Subject: Re: HEADS UP! Watch out for security on your machines and exploits! X-BeenThere: freebsd-hubs@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: FreeBSD Distributions Hubs: mail sup ftp List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 04 Dec 2003 00:55:32 -0000 On Wednesday 03 December 2003 04:47 pm, Jon Dugan wrote: > In addition there may be a vulnerability in rsync running in daemon > mode. I received a forwarded email about this, so it is unverified at > this time, but if you offer rsyncd access you may wish to monitor > this. There's a note on /. about this (Gentoo was attacked) http://lists.netsys.com/pipermail/full-disclosure/2003-December/014440.html -Peter -- Peter_Losher@isc.org | ISC | OpenPGP Key E8048D08 | "The bits must flow"