Please support VectorLinux!

Author Topic: Danger! New exploit - VL standard vulnerable!  (Read 27996 times)

never_stop_learning

  • Vectorite
  • ***
  • Posts: 263
    • CigarWeekly
Re: Danger! New exploit - VL standard vulnerable!
« Reply #30 on: September 21, 2008, 09:49:24 am »
If it can be screwed up, I can do it.  Ask laganon.  The name sledgehammer has some history to it. When I, for example, get something off slacky.eu (?), never_stop_learning cringes. These problems are mine, not Vector's, though those following my travails might find them helpful on occasion to make Vector even more bullet-proof.   My theory is that eventually one reaches a state where the mind starts to understand a little bit how software works...starts to see the big picture.  Perhaps someday, my mind will get there. Its certainly not there yet.

Anyway, 99% of the errors went away when I did the update.

Thanks again. 

John
We have been trying (without success - he is quite crafty and resourceful) to restrict John's access to 'root' for years..... ;)
Laptop: IBM X60s (Centrino/Duo, 2gb ram, 80gb hd) VL 6.0 Std
Netbook: HP Mini (Intel Atom 1ghz, 2gb ram, 16gb SSD + 8gb flash ) VL 6.0 Std
Desktop: Dell Dimension 5150 (P4 3ghz, 2gb ram, 80gb hd) VL 6.0 Std
Wife's Desktop: Gateway (P4 2ghz, 1gb ram, 80gb hd) VL 6.0 Std

joec

  • Member
  • *
  • Posts: 29
Re: Danger! New exploit - VL standard vulnerable!
« Reply #31 on: December 02, 2008, 08:29:52 am »
Sorry to resurrect this thread but did sledgehammer ever get this particular problem resolved? I am having it now.


"I then tried vasmCC (ver 1.06 is on my system) for the heck of it (I use vasm, which works fine) and got the following error:

Quote
[2] Cannot load class 'FAltMain': Version too old. Please recompile the project.
?
"


sledgehammer

  • Vectorian
  • ****
  • Posts: 1451
Re: Danger! New exploit - VL standard vulnerable!
« Reply #32 on: December 03, 2008, 02:12:05 am »
joec,

A.  My system still works fine.  Great even.
B.  I still don't have wifi-radar on my Network (or System) menu but I use wifi-radar from terminal root daily without problem. 
C. I just tried VASMCC (which I don't use) and it works fine (I no longer get the 'FAltMain': error).
D.  I have no clue what I may have done to fix that.  I suspect my computer is haunted by a friendly ghost.

Good luck.

John
VL7.0 xfce4 Samsung RF511

never_stop_learning

  • Vectorite
  • ***
  • Posts: 263
    • CigarWeekly
Re: Danger! New exploit - VL standard vulnerable!
« Reply #33 on: December 05, 2008, 02:58:25 pm »
Sorry to resurrect this thread but did sledgehammer ever get this particular problem resolved? I am having it now.


"I then tried vasmCC (ver 1.06 is on my system) for the heck of it (I use vasm, which works fine) and got the following error:

Quote
[2] Cannot load class 'FAltMain': Version too old. Please recompile the project.
?
"



This should solve your VASMCC issue:

http://forum.vectorlinux.com/index.php?topic=5443.0
Laptop: IBM X60s (Centrino/Duo, 2gb ram, 80gb hd) VL 6.0 Std
Netbook: HP Mini (Intel Atom 1ghz, 2gb ram, 16gb SSD + 8gb flash ) VL 6.0 Std
Desktop: Dell Dimension 5150 (P4 3ghz, 2gb ram, 80gb hd) VL 6.0 Std
Wife's Desktop: Gateway (P4 2ghz, 1gb ram, 80gb hd) VL 6.0 Std

RJARRRPCGP

  • Member
  • *
  • Posts: 14
Re: Danger! New exploit - VL standard vulnerable!
« Reply #34 on: December 08, 2008, 03:10:52 pm »
I've never seen a message requiring downgrade.  I'd enable packages and extra and try it at the command line with slapt-get.  It won't do anything without your confirmation.  I suspect some of the dependencies you need for newer versions are in packages or extra.

*Warning, bad news, when I did slapt-get --update and then slapt-get --upgrade, the latest Firefox installed was 2.0.0.12!*

The current version of Firefox 2 is 2.0.0.16, AFAIK!

caitlyn

  • Packager
  • Vectorian
  • ****
  • Posts: 2876
    • The Linux Works
Re: Danger! New exploit - VL standard vulnerable!
« Reply #35 on: December 27, 2008, 02:25:31 am »
The latest Firefox is 3.0.5 and it is in the repositories for VL 5.9 and VL 6.0.  You should make sure you have the Patches repository enabled.  It wasn't by default in 5.9 and that actually was a bug.   If you don't have Patches enabled then you most certainly have a system with LOTS of security vulnerabilities.

We aren't packaging the Firefox 2.x series anymore.  The latest in that series is 2.0.0.20.
eMachines EL-1300G desktop, 1.6GHz AMD Athlon 2650e CPU, 4GB RAM, nVidia GeForce 6150 SE video
CentOS 6.5 (will try VL64-7.1 soon)

Toshiba Satellite A135-S4727,  Intel Pentium T2080 / 1.73 GHz, 2GB RAM, Intel GMA 950

HP Mini 110 netbook, 1.6GHz Intel Atom CPU, 2GB RAM, Intel 950 video, VL 7.1