Security Revealed
The Xerox WorkCentre 7132 multifunction is the affordable transition to the next level of productivity for your office. One easy-to-use device offers powerful printing, copying, scanning, and faxing. During a brief assessment of the Xerox WorkCentre 7132, it was discovered that the LPD daemon implementation contains a weakness related to the robustness of LPD protocol handling. An attacker can crash the whole device with a relatively simple attack. Recovering from the denial-of-service condition requires power cycling the device.
Back in October we reported on the I-Swarm robotics project. [Travis] sent us some more information. These tiny robots are programmed optically and are able to respond to programming commands via an infrared signal. Locomotion is facilitated with piezoelectric actuators, and the power to the units is provided through a solar cell. It is not clear [...]
Many operating systems can already be booted over the net, especially so for the installation systems of the major Linux distributions, but the netboot.me web service offers a universal boot loader which presents them all in one menu. The boot loader can be installed on a USB stick, burned onto CD, or on a floppy disk. This allows users to start an always current selection of operating systems over the internet using one single boot medium.
[edwindertien] sent us his project to connect a Furby to the internet. The original Furby controller was replaced with an Arduino which in turn was given ethernet connectivity via a LANTRONIX XPort serial ethernet module. This assigns the Furby an IP address which can then be accessed through a script or via a web interface. [...]
ProShow Gold allows you to easily create photo and video slide shows on DVD, PC and Web. The software contains vulnerabilities related to the processing of ProShow Slideshow's project files (.psh). This vulnerability permits hackers to execute malicious code on users' systems.
Remote exploitation of a type confusion vulnerability in Microsoft Corp.’s ATL/MFC ActiveX code, as included in various vendors’ ActiveX controls, could allow an attacker to execute arbitrary code within Internet Explorer (IE). Microsoft’s Component Object Model (COM) was designed to allow interoperability between disjointed software components. It is a standardized interface solution to the programming dilemmas involved in object oriented programming, distributed transactions, and inter-language communications. Microsoft’s Active Template Library (ATL) is a set of C++ templates that simplify developing COM objects.
Subdreamer is a content management system, which is written in PHP and uses MySQL as its database backend. There are vulnerabilities in two integration modules in Subdreamer. Both Invision Power Board 2 and phpBB3 integration modules have this vulnerability.
To exploit this vulnerability it is required to have ALTER SYSTEM privilege. Exploitation of this vulnerability allows an attacker to execute arbitrary code. It can also be exploited to cause DoS (Denial of service) killing the Oracle server process.
In a paper titled A Practical Message Falsification Attack on WPA researchers in Japan d …(more)…
Firewall Access Policy Rulesets, Part 3
This article continues the series of articles on Firewall Builder, a graphical firewall configuration and management tool that supports many Open Source firewall platforms as well as Cisco IOS access lists and Cisco ASA (PIX). This article continues with examples of Access Policy rules and demonstrates generated configurations for iptables, PF and Cisco PIX.

Last week, the Italian government began an investigation into Google and Google News about allegations of anti-competitive behavior. (For more details, read Google’s initial response or Danny Sullivan’s take). Italian newspaper publishers claim that Google News is stealing readers from them who skim the headlines on Google News and never bother to click through. It is a familiar refrain, to which the obvious response is: If newspapers want readers to click on their headlines, maybe they should write better headlines.
But implicit in these arguments, and in an investigation into how Google News is somehow stifling competition in the Italian news industry, is that Google News dominates the news in Italy, at least online. That is not the case. According to comScore, the Italian audience of Google News is smaller than at least two of the largest Italian newspaper sites, La Repubblica and Corriere Della Sera. In July, Google News had 2.4 million Italian readers versus 3.8 million for both of those Italian newspaper sites. (These numbers reflect only visitors from Italy).
In my last article I wrote about accessing a PostgreSQL database in C/C++. In this article, I’m going to discuss performing the same functions in C against an SQLite database. Unlike PostgreSQL and the supporting libraries, SQLite creates completely self-contained databases that aren’t dependent upon a client-server architecture.
Mystick has discovered a vulnerability in www.videolan.org, which could be exploited by malicious people to conduct XSS attacks.
www.intelcomms.net has discovered a vulnerability in power.positron.gr, which could be exploited by malicious people to conduct XSS attacks.
Mystick has discovered a vulnerability in 1000voicesarchive.org, which could be exploited by malicious people to conduct XSS attacks.
Mystick has discovered a vulnerability in www.raadvst-consetat.be, which could be exploited by malicious people to conduct XSS attacks.
Langy has discovered a vulnerability in wzey.ask.com, which could be exploited by malicious people to conduct Redirect attacks.
Pragmatk has discovered a vulnerability in www.dooyoo.co.uk, which could be exploited by malicious people to conduct XSS attacks.
ZeLoSKiL has discovered a vulnerability in www.icare.to, which could be exploited by malicious people to conduct XSS attacks.
[Joey] sent us a link to the newest version of his Gameboy foot controller. In the video above, you can see how he uses it to control the loops in the background while he plays his guitar through an 8-bit filter. That is an old video, using the previous version. He tells us that several [...]
skathgh420 has discovered a vulnerability in yellowpages.herald-dispatch.com, which could be exploited by malicious people to conduct XSS attacks.
This article is meant to serve as a guide for migrating a live system from ext3 to an ext4 filesystem, including migration of files to use extents, a major feature in ext4. It describes the entire migration procedure, including common pitfalls involving a migration of a live system, as opposed to doing a fresh install.
Scripts are files that contain shell commands which may be short or can be very complex. Scripts just make it easier because you can invoke one command to run all of the commands in the script. Here instead of using 8 separate commands you can use one command to execute all of them. This course is in a series of mini-courses to help you with Bash Shell Scripting. It is divided into several sections as you can see below. In addition, to help you in the challenge of learning bash shell scripting you will find a quiz at the end of each mini-course.
The Walt Disney Company has agreed to acquire Marvel Entertainment in a stock and cash transaction, the companies announced this morning. Under the terms of the agreement and based on last week’s closing price of Disney, Marvel shareholders would receive a total of $30 per share in cash plus approximately 0.745 Disney shares for each Marvel share they own.
Based on the closing price of Disney stock on Friday, August 28, the total transaction value is $50 per Marvel share or approximately $4 billion.
Under the deal, which has been approved by the boards of both companies, Disney will acquire ownership of Marvel including its portfolio of over 5,000 Marvel characters. That portfolio includes many familiar names like Iron Man, Spider-Man, X-Men, Captain America, Fantastic Four and Thor.
