On Fri, Mar 16, 2007 at 02:44:07PM -0600, Neil Dickey wrote:
> Even an absolutely secure operating environment ( OS +security programs )
> can be compromised by a user who is ignorant or malicious, or by third-
> party software which is poorly made.
Perhaps I'm misinterpreting your words, but I r
man 1.5l was released today, fixing a bug which results in arbitrary code
execution upon reading a specially formatted man file. The basic problem
is, upon finding a string with a quoting problem, the function my_xsprintf
in util.c will return "unsafe" (rather than returning a string which could
b
On Wed, 24 Jul 2002 [EMAIL PROTECTED] wrote:
> If your server will give the same challenge repeatedly, and you can
> sniff somebody else's challenge and response, it appears that you could
> authenticate without knowing the password simply by connecting within
> the 1-second window to get the sam
> Similarly: 3DES isn't stronger than 112 bits. I'm not claiming that
> 3DES is weaker than 112 bits. I claim that some smart people found
> that cracking 3DES requires only on the order of 2^112 operations,
2^112 operations, given 2^56 blocks of memory. Since DES has an 8 byte
block, that's 512
