Telindus Router (series 112x)
has a well-know authentication problem,
which lets to extract router password
from a UDP-dump sniffed over 9833 port.
More about this at:
http://www.securiteam.com/securitynews/5DP0A2K7GY.html
or
http://neworder.box.sk/showme.php3?id=6730
New firmware
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -
GENTOO LINUX SECURITY ANNOUNCEMENT 200212-12
- -
PACKAGE : openldap
SUMMARY : remote command execution
DATE
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -
GENTOO LINUX SECURITY ANNOUNCEMENT 200212-13
- -
PACKAGE : cups
SUMMARY : multiple cups vulnerbilities
DATE
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
DSINet Security Advisory DSINET-SA-02-01
http://www.dsinet.org/textfiles/advisories/dsinet/dsinet-sa-02-01.txt
Potential DOS attack with Web-CyrAdm
Program: Web-CyrAdm
Credits: Remko Lodder ( [EMAIL PROTECTED] - http://www.dsinet.org/ )
Vendor: Luc
-BEGIN PGP SIGNED MESSAGE-
leafnode-SA-2002:01.versions
Topic: vulnerabilities in leafnode
Announcement: leafnode-SA-2002:01
Writer: Matthias Andree
Version:1.00
Announced: 2002-12-29
Category: main
Type: denial of service
Impact:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA 218-1 [EMAIL PROTECTED]
http://www.debian.org/security/ Martin Schulze
December 30th, 2002
Sunday, December 29, 2002
There is a small silly hitch with CITIBANK CANADA's secured sign in
to online banking:
https://citibankcanada.ebilling.com/index.jhtml
Specifically AUTOCOMPLETE=off in the forms. It is not set.
While much explanation is made about SSL connections and fancy
digital
Recently, I evaluated Visual SourceSafe (VSS) 6.0 for an employer. We
were comparing it to other network-aware source code control systems.
Visual SourceSafe is barely network aware. By barely, it is network
aware in the same way an Access Database can be network aware - all
program logic
So Many Holes, So Few Hacks By Michelle Delio
http://www.wired.com/news/infostructure/0,1377,56955,00.html
Experts who discover and report security holes seem to be far more
industrious than the malicious hackers willing or able to exploit those
holes.
Despite the thousands of hackable holes