Oracle's released three security-related patches today. I'm trying to
get my head around them to write up a Stanford Security Alert, but
there's conflicting information. According to
http://otn.oracle.com/deploy/security/pdf/2003alert57.pdf the buffer
overflow in the EXTPROC code can only be tri
-- Tina Bird
"Wine is strong, the King is stronger, women are strongest, but TRUTH
conquers all."
- Inscription in the Rosslyn Chapel (near Edinburgh, Scotland)
http://www.shmoo.com/~tbird
Log Analysis http://www.counterpane.com/log-analysis.html
VPN http://vpn.shmoo.com
Note that the first URL listed in the Security Advisory is incorrect. It
should be http://www.cisco.com/warp/public/707/ntp-pub.shtml, not
http://www.cisco.com/warp/public/707/NTP-pub.shtml.
On Wed, 8 May 2002, Cisco Systems Product Security Incident Response Team wrote:
> -BEGIN PGP SIGNE
-- Forwarded message --
Date: Mon, 9 Jul 2001 09:51:42 -0500
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: RE: Nokia contact information (fwd)
Hi Tina,
Thanks for the heads-up!
Here is the place to go - http://forum.nokia.com/main/1,6668,5_9,00.html
Kelly
--
do of course think we should use 3DES when possible...
cheers -- Tina Bird
On Mon, 26 Feb 2001 [EMAIL PROTECTED] wrote:
> Date: Mon, 26 Feb 2001 11:21:51 +0200
> From: [EMAIL PROTECTED]
> To: [EMAIL PROTECTED]
> Subject: Nortel CES (3DES version) offers false sense of