SEC-CONSULT Security Advisory - PHP: Hypertext Preprocessor
Vendor: PHP (http://www.php.net)
Product: PHP 4.3.6 and below (verified in 4.3.5 which was current when the bug was
discovered)
Vendor status: vendor contacted (04-04-2004)
Patch status: Problem fixed in 4.3.7
===
DESCRIPTION
On Sunday, June 06, 2004 2:35 AM James Garrison wrote:
CORRECTION - Firmware is 3.1RC5 not 2.0RC5 as I first stated
My WG602v2 with firmware 3.1RC5 does not appear to be vulnerable.
^^
I cannot login with the super/5777364 combination.
Firmware 3.2RC3 seems
Folks;
I found a new firware update on the Netgear product support page that removes this
account, along with a couple of other fixes.
I upgraded, and the login is no longer available. Good, quick response.
Quoting Tom Knienieder [EMAIL PROTECTED]:
KHAMSIN Security News
KSN
-- snip --
worth a try for securitys sake ? yes!
-- snip --
Before anybody does something stupid, remember that in the USA we really
no longer have the bill of rights. We also no longer have checks and
balances. We can be jailed indefinitely without even knowing what we're
charged with. As
I haven't installed SP2 yet since I heard a lot of complaints from people
who claimed it caused instability, it had memory management issues, some
drivers didn't work, security measures a bit too much in your face etc
But I reviewed the list of changes sometime back and I concur, it looks very
When run remotely:
Line: 1
Char: 1
Error: Access is denied.
Code: 0
URL: http://62.131.86.111/security/idiots/repro/installer.htm
When run locally, software installation is blocked.
Using IE 6.0.2900.2096 SP2, WinXP SP2
I've gotta say that SP2 has some VERY nice protection builtin. On the
Finally I also attached the source files to this message
My McAfee-based gateway scanner blocks the attachment and labels it as VBS/Psyme,
which has this description
(http://us.mcafee.com/virusInfo/default.asp?id=descriptionvirus_k=100749):
This trojan exploits an unpatched (at the time of this
Most recent exploits are like vehicles, they are assembled piece by piece,
you can make a virus scanner detect the wheels, but a car, a bus and a bike
are most certainly entirely different things! Yet none of them are any good
without wheels, oh and in this case painting the wheel another color
I agree.
Anyone that would have those ports open has a *lot more to worry about that
cleaning a few worm infections.
That's not the case here. This infection was caused by a remote user not a
Lan user.
With several hundred laptops it's hard have 0 exposure. As with any growing
security
practice
No complaints from me.
While the new security center complains about how I don't have a firewall or
antivirus installed (it doesn't detect either), the better security more than makes up
for this minor annoyance - I no longer need to worry about where I go because the
simple yet absolute 'no
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA 516-1 [EMAIL PROTECTED]
http://www.debian.org/security/ Martin Schulze
June 7th, 2004
While the new security center complains about how I don't have a
firewall or antivirus installed (it doesn't detect either), the better
security more than makes up for this minor annoyance - I no longer need to
worry about where I go because the simple yet absolute 'no popups' and 'no
12 matches
Mail list logo