.::anti-abuse.com::.

.::anti-abuse.com::. http://security.anti-abuse.com Security Revealed Mon, 01 Dec 2008 18:07:11 +0000 http://backend.userland.com/rss092 en Bugtraq: [TKADV2008-013] VLC media player RealMedia Processing Integer Overflow Vulnerability [TKADV2008-013] VLC media player RealMedia Processing Integer Overflow Vulnerability http://www.securityfocus.com/archive/1/498768 Bugtraq: /bin/login gives root to group utmp /bin/login gives root to group utmp http://www.securityfocus.com/archive/1/498769 Bugtraq: Re: Re: Wrong report: BID 32287, Pi3Web ISAPI DoS vulnerability Re: Re: Wrong report: BID 32287, Pi3Web ISAPI DoS vulnerability http://www.securityfocus.com/archive/1/498771 Recent Firefox extensions for tab addicts The number of Firefox extensions continues to grow. For example, when I last wrote about tab extensions just over a year ago, about 110 existed. Now, despite the need to rewrite many extensions to make them compatible with Firefox 3.0, the number is over 190, and the choice is greater ... http://lxer.com/module/newswire/ext_link.php?rid=112987 Why Robert Gates is a Terrible Pick The appointment of Robert Gates -- a vocal critic of Obama's Iraq withdrawal plan who will undoubtedly shape policy-- is alarming. http://www.alternet.org/waroniraq/109298/why_robert_gates_is_a_terrible_pick/ SB08-336: Vulnerability Summary for the Week of November 24, 2008 Vulnerability Summary for the Week of November 24, 2008 http://www.us-cert.gov/cas/bulletins/SB08-336.html [3/5] RakhiSoftware Shopping Cart Multiple Vulnerabilities Charalambous Glafkos has reported some vulnerabilities in RakhiSoftware Shopping Cart, which can be exploited by malicious people to disclose system information, or to conduct SQL injection and cross-site scripting attacks. http://secunia.com/Advisories/32950/ NOTE: This RSS feed does not include information about updated Secunia advisories. You should note that Secunia on average issues ... http://secunia.com/Advisories/32950/ Bugtraq: [SECURITY] [DSA 1673-1] New wireshark packages fix several vulnerabilities [SECURITY] [DSA 1673-1] New wireshark packages fix several vulnerabilities http://www.securityfocus.com/archive/1/498764 Bugtraq: [SECURITY] [DSA 1674-1] New jailer packages fix denial of service [SECURITY] [DSA 1674-1] New jailer packages fix denial of service http://www.securityfocus.com/archive/1/498765 Bugtraq: [SECURITY] [DSA 1675-1] New phpmyadmin packages fix cross site scripting [SECURITY] [DSA 1675-1] New phpmyadmin packages fix cross site scripting http://www.securityfocus.com/archive/1/498766 Nintendo 64 crammed into a NES A http://hackaday.com/2008/12/01/nintendo-64-crammed-into-a-nes/ A real gift this holiday season…delete it. Can I vent here for a moment about well meaning, but clearly out-of-the-loop, friends who seem to think everything on the Internet, especially when it comes to safety, is a real situation that needs our attention and should be sent to every mailing list they are on? read more ... http://feeds.feedburner.com/~r/linuxjournalcom/~3/471460239/real-gift-holiday-seasondelete-it Installing Cherokee Web Server With PHP 5 & MySQL 5 Support On Ubuntu 8.10 This tutorial shows how to install Cherokee from source with PHP and MySQL support on an Ubuntu 8.10 server machine. The reason for compiling from source instead of using apt to install binary packages is that there are older versions in the repositories than the ones available on Cherokee's homepage. ... http://lxer.com/module/newswire/ext_link.php?rid=112992 Managing your MP3s with Zina Large collections of MP3 files can be hard to manage. Organizing your music into directories helps some, but when you want to play just those tracks in a certain genre or from a certain year, no amount of directory organization will help -- but Zina, a powerful Web application, can. http://www.linux.com/feature/153895 StudioDave Does A Hardware Review And Meets Ubuntu 8.10 A few months ago I started sensing the need for a replacement for my aging and ailing HP Omnibook 4150. That machine's audio capabilities were negligible even with external hardware, but it had been serviceable for writing articles and as a portable MIDI composition environment. Alas, after years of travel ... http://feeds.feedburner.com/~r/linuxjournalcom/~3/471435480/studiodave-does-hardware-review-and-meets-ubuntu-810 Input filtering and escaping in SQL injection mitigation, (Mon, Dec 1st) While teaching the defensive web app security classes with SANS, I often hear I have been filt ...(more)... http://isc.sans.org/diary.php?storyid=5416&rss Good OS Cloud: Linux as Quick Start for Web and Windows Best known for its Wal-Mart Linux PC called gOS, Good OS is presenting a new Cloud browser operating system at the Netbook World Summit in Paris. The compressed Linux kernel boots up as an integrated browser. http://lxer.com/module/newswire/ext_link.php?rid=112991 [3/5] Bluo CMS “id” SQL Injection Vulnerability The_5p3ctrum has reported a vulnerability in Bluo CMS, which can be exploited by malicious people to conduct SQL injection attacks. http://secunia.com/Advisories/32932/ NOTE: This RSS feed does not include information about updated Secunia advisories. You should note that Secunia on average issues more than 20 updated advisories per day, containing information about ... http://secunia.com/Advisories/32932/ [2/5] Microsoft Office Communications Server SIP INVITE Denial of Service A vulnerability has been reported in Microsoft Office Communications Server, which potentially can be exploited by malicious people to cause a DoS (Denial of Service). http://secunia.com/Advisories/32940/ NOTE: This RSS feed does not include information about updated Secunia advisories. You should note that Secunia on average issues more than 20 updated advisories ... http://secunia.com/Advisories/32940/ [3/5] Basic PHP CMS “id” SQL Injection Vulnerability CWH Underground has discovered a vulnerability in Basic PHP CMS, which can be exploited by malicious people to conduct SQL injection attacks. http://secunia.com/Advisories/32938/ NOTE: This RSS feed does not include information about updated Secunia advisories. You should note that Secunia on average issues more than 20 updated advisories per day, containing ... http://secunia.com/Advisories/32938/ [3/5] Lito Lite CMS “cid” SQL Injection Vulnerability CWH Underground has discovered a vulnerability in Lito Lite CMS, which can be exploited by malicious people to conduct SQL injection attacks. http://secunia.com/Advisories/32910/ NOTE: This RSS feed does not include information about updated Secunia advisories. You should note that Secunia on average issues more than 20 updated advisories per day, containing ... http://secunia.com/Advisories/32910/ Pimp My Backup One of our project teams has a beta that they'd like to advertise."How many photos do you have on your computer? Documents? E-mail messages, letters, and receipts of your online purchases? What happens to your files if — when — your hard drive fails?"We currently have an active ... http://www.f-secure.com/weblog/archives/00001550.html Hillary Clinton’s Disdain for International Law — Change We Can Believe In? Hillary Clinton is our new Secretary of State -- will she continue the United States' hypocrisy on human rights and the rule of law? http://www.alternet.org/election08/109264/hillary_clinton%27s_disdain_for_international_law_--_change_we_can_believe_in_/ Hillary Clinton’s Disdain for International Law — Change We Can Believe In? Hillary Clinton is our new Secretary of State -- will she continue the United States' hypocrisy on human rights and the rule of law? http://www.alternet.org/audits/109264/hillary_clinton%27s_disdain_for_international_law_--_change_we_can_believe_in_/ Using VFDs as amplifiers A http://hackaday.com/2008/12/01/using-vfds-as-amplifiers/ Why Use Open-source Software? Free software is sought by Internet users everywhere because it is accessible right away and doesn't cost a dime. But did you know there's something better? Try open-source software. Open-source software goes beyong being free. If from a freeware application you can expect no costs, from an open-source one you ... http://lxer.com/module/newswire/ext_link.php?rid=112996 [3/5] Active Photo Gallery “username” and “password” SQL Injection R3d D3v!L has reported some vulnerabilities in Active Photo Gallery, which can be exploited by malicious people to conduct SQL injection attacks. http://secunia.com/Advisories/32901/ NOTE: This RSS feed does not include information about updated Secunia advisories. You should note that Secunia on average issues more than 20 updated advisories per day, containing ... http://secunia.com/Advisories/32901/ [3/5] Ocean12 FAQ Manager Pro “ID” SQL Injection Vulnerability Stack has reported a vulnerability in Ocean12 FAQ Manager Pro, which can be exploited by malicious people to conduct SQL injection attacks. http://secunia.com/Advisories/32930/ NOTE: This RSS feed does not include information about updated Secunia advisories. You should note that Secunia on average issues more than 20 updated advisories per day, containing ... http://secunia.com/Advisories/32930/ [3/5] Active Newsletter “email” and “password” SQL Injection Vulnerabilities R3d D3v!L has reported some vulnerabilities in Active Newsletter, which can be exploited by malicious people to conduct SQL injection attacks. http://secunia.com/Advisories/32908/ NOTE: This RSS feed does not include information about updated Secunia advisories. You should note that Secunia on average issues more than 20 updated advisories per day, containing information ... http://secunia.com/Advisories/32908/ [4/5] Minimal Ablog Multiple Vulnerabilities NoGe has discovered some vulnerabilities in Minimal Ablog, which can be exploited by malicious people to conduct SQL injection attacks, bypass certain security restrictions, or compromise a vulnerable system. http://secunia.com/Advisories/32886/ NOTE: This RSS feed does not include information about updated Secunia advisories. You should note that Secunia on average issues more ... http://secunia.com/Advisories/32886/