Sunday, October 26, 2003

----------------------------------------------------------------------
Boing Boing Blog
----------------------------------------------------------------------
1.  Phonecamming the fires in LA and San Diego.

There's a public phonecam blog here, where people are snapping and uploading mobile shots of the fires currently raging throughout Southern California: Link. OMFG. The fire situation here in San Diego/LA is completely insane. I could see ash in the sky here in Los Angeles -- never mind see, I can taste it. The air is dense with smoke, and we're like 40-50 miles away from the major blazes.... but even here, okay: I can usually see the Hollywood sign from the cafe where I spend most of my Sundays, and today I can barely see a couple of blocks away. There are fires in San Diego, too -- and several major airports were closed here for at least part of the day today, including LAX. Also, Sean Bonner at Sixspace gallery posted this.

----------------------------------------------------------------------
Slashdot
----------------------------------------------------------------------
2.  Athlon 64 Motherboard Triple Threat Round-Up
----------------------------------------------------------------------
NewsIsFree: Security
----------------------------------------------------------------------
3.  eEye: Retina Messenger Service Vulnerability Scanner

11:08:16 PM    


10:07:57 PM    

----------------------------------------------------------------------
Slashdot
----------------------------------------------------------------------
1.  Traffic Light Control For The Masses

9:07:37 PM    


8:37:27 PM    

----------------------------------------------------------------------
Slashdot
----------------------------------------------------------------------
1.  P2P Contact Info Service From Napster Co-Founder
----------------------------------------------------------------------
NewsIsFree: Security
----------------------------------------------------------------------
2.  iwconfig Buffer Overflow

7:37:07 PM    

----------------------------------------------------------------------
Yahoo! News - Technology
----------------------------------------------------------------------
1.  AOL Launches Daily Sports Highlight Show for Web (Reuters). Reuters - Web service AOL on Monday launched a twice-daily sports news show for high speed Internet anchored by talent from cable network CNN, a sister unit within Time Warner Inc.
----------------------------------------------------------------------
Slashdot
----------------------------------------------------------------------
2.  More Looks At Far-Off 'Longhorn'
----------------------------------------------------------------------
SecurityFocus
----------------------------------------------------------------------
3.  Vulnerabilities: Ipswitch WS_FTP Server FTP Command Buffer Overrun Vulnerabilities. Ipswitch WS_FTP Server is an FTP implementation that is available for Microsoft Windows operating systems.

Ipswitch WS_FTP Server is reported to be prone to buffer overr...

4.  Vulnerabilities: JBoss HSQLDB Remote Command Injection Vulnerability. JBoss is a freely available, open source Java Application server. It is distributed and maintained by JBoss Group and is available for a number of platforms including Mic...
----------------------------------------------------------------------
The Register
----------------------------------------------------------------------
5.  HP raises wireless profile. Three-pronged attack
6.  Moto peddles world's most integrated handset chip. Taking on TI

6:36:48 PM    

----------------------------------------------------------------------
Yahoo! News - Technology
----------------------------------------------------------------------
1.  Ask Jeeves Stock May Be Overvalued, Report Says (Reuters). Reuters - Shares of Web search provider Ask Jeeves Inc. (ASKJ.O), which have climbed 700 percent this year, may be overvalued, according to a report in the Oct. 27 issue of Barron's.
----------------------------------------------------------------------
LinuxSecurity.com
----------------------------------------------------------------------
2.  Conectiva: fileutils denial of service vulnerability
3.  Mandrake: apache2 DoS Vulnerability
----------------------------------------------------------------------
The Register
----------------------------------------------------------------------
4.  Is grid computing finally a reality? Old premise, new promise
5.  Sun and Fujitsu: a relationship with Sparc. Get cracking

5:36:26 PM    

----------------------------------------------------------------------
Yahoo! News - Technology
----------------------------------------------------------------------
1.  AOL Starts Daily Sports Highlight Show for Web (Reuters). Reuters - Web service AOL on Monday launched a twice-daily sports news show for high speed Internet anchored by talent from cable network CNN, a sister unit within Time Warner Inc.(TWX.N)
----------------------------------------------------------------------
Slashdot
----------------------------------------------------------------------
2.  Can Watermarking Help Find GPL Violations?
----------------------------------------------------------------------
Hack the Planet
----------------------------------------------------------------------
3.  After years of waiting, a glimpse of the new GTK+ file selector dialog has emerged.

4:36:08 PM    

----------------------------------------------------------------------
Slashdot
----------------------------------------------------------------------
1.  SCO Asks IBM To Make SCO's Case For It
2.  Danish Study Recommends Open Standards for EU
----------------------------------------------------------------------
SecurityFocus
----------------------------------------------------------------------
3.  Vulnerabilities: mIRC DCC SEND Variant Buffer Overflow Vulnerability. mIRC is a chat client for the IRC protocol, designed for Microsoft Windows based operating systems.

It has been reported that mIRC 6.12, which addressed the recently dis...

----------------------------------------------------------------------
Internet/Network Security
----------------------------------------------------------------------
4.  Book Review: SSCP Prep Guide. The SSCP certification is sort of an entry-level version of the very popular CISSP certification from ISC2. It covers seven distinct areas and achieving the certification demonstrates a certain level of competence when it comes to information security. Debra and...

3:35:46 PM    

----------------------------------------------------------------------
SecurityFocus
----------------------------------------------------------------------
1.  Vulnerabilities: OpenSSL ASN.1 Parsing Vulnerabilities. Multiple vulnerabilities were reported in the ASN.1 parsing code in OpenSSL. OpenSSL does not directly implement ASN.1 but does use ASN.1 objects in X.509 certificates a...

2:35:26 PM    

----------------------------------------------------------------------
Yahoo! News - Technology
----------------------------------------------------------------------
1.  IBM, HP Square Off in High-Tech Battle (AP). AP - IBM Corp. made a bigger incursion than usual at this year's HP World — a trade show for thousands of Hewlett-Packard Co. customers, equipment resellers and companies whose technologies work on HP computer systems.
----------------------------------------------------------------------
SecurityFocus
----------------------------------------------------------------------
2.  Vulnerabilities: KDE KDM PAM Module PAM_SetCred Privilege Escalation Vulnerability. KDM is the KDE Display Manager, a component of the KDE Desktop Environment. It is available for Linux/Unix operating systems. KDM provides a graphical login interface f...
3.  Vulnerabilities: KDE KDM Session Cookie Generation Weakness. KDM is the KDE Display Manager, a component of the KDE Desktop Environment. It is available for Linux/Unix operating systems. KDM provides a graphical login interface f...

1:35:07 PM    

----------------------------------------------------------------------
Yahoo! News - Technology
----------------------------------------------------------------------
1.  Scrapbook fever Quaint hobby has become a $2.5 billion industry (SiliconValley.com). SiliconValley.com - Even in the Internet Age, Silicon Valley stores are shining spotlights on a quaint little hobby that's morphed into a fast-growing, $2.5 billion industry: scrapbooking.
----------------------------------------------------------------------
Slashdot
----------------------------------------------------------------------
2.  NSA Turns To Commercial Software For Encryption
----------------------------------------------------------------------
InfoWorld: Security
----------------------------------------------------------------------
3.  U.S. Senate approves antispam bill. Bill allows fines as large as $3 million for some types of illegal spam

12:34:47 PM    

----------------------------------------------------------------------
Slashdot
----------------------------------------------------------------------
1.  Openfiler Storage Management Software GPL'd
----------------------------------------------------------------------
SecurityFocus
----------------------------------------------------------------------
2.  Vulnerabilities: Sun Java Virtual Machine Slash Path Security Model Circumvention Vulnerability. The Java Virtual Machine (JVM) is a component of the Sun Java infrastructure that performs the handling of Java applets and other programs. It is available for Unix, Lin...
3.  Vulnerabilities: Sylpheed-Claws Mail Client SMTP Error Reporting Format String Vulnerability. Sylpheed-Claws is a branch of the Sylpheed mail client, designed to implement and test less stable features. Both code bases are regularly updated to match each others be...
----------------------------------------------------------------------
The Register
----------------------------------------------------------------------
4.  Windows Longhorn build leak starts hype two years early. Excitement levels to cause fatalities by Q2 2004?

11:34:29 AM    

----------------------------------------------------------------------
Yahoo! News - Technology
----------------------------------------------------------------------
1.  Finding Celebrity Haunts Online (Reuters). Reuters - A celebrity sighting is a pleasant surprise for most people. For the truly star-struck, however, stargazing can become an obsession.
----------------------------------------------------------------------
Slashdot
----------------------------------------------------------------------
2.  Silicon Valley - The Geeks Are Back In Charge?
----------------------------------------------------------------------
SecurityFocus
----------------------------------------------------------------------
3.  Vulnerabilities: Microsoft Windows Window Message Subsystem Design Error Vulnerability. A serious design error in the Win32 API has been reported. The issue is related to the inter-window message passing system.

In the Win32 model, all windows on the deskt...


10:34:17 AM    

----------------------------------------------------------------------
CNET News.com - Front Door
----------------------------------------------------------------------
1.  Week ahead: Confabs rev up. Earnings season is winding down and the trade show circuit is gearing up in the coming weeks.
2.  Who wins when jobs move offshore? By moving service jobs to countries with lower labor costs, U.S. companies can save money and focus on creating higher-value positions at home.
----------------------------------------------------------------------
Yahoo! News - Technology
----------------------------------------------------------------------
3.  Company wins contract for establishing new mobile server (AFP). AFP - An Arab company registered in Sudan has won a contract for establishing and running a mobile telephone server to operate alongside the present server, mobitel.
----------------------------------------------------------------------
Slashdot
----------------------------------------------------------------------
4.  Valenti to Step Down; Tauzin May Head MPAA

9:33:57 AM    

----------------------------------------------------------------------
Slashdot
----------------------------------------------------------------------
1.  A Practical Approach To Shushing Your PC
2.  Defense Department Drafts RFID Policy

8:33:47 AM    

----------------------------------------------------------------------
BBC News | Technology | UK Edition
----------------------------------------------------------------------
1.  Tackling the net's numbers shortage. A shortage of internet addresses has prompted researchers to come up with a way of generating billions more.

7:33:27 AM    


6:33:07 AM    


5:32:48 AM    

----------------------------------------------------------------------
Slashdot
----------------------------------------------------------------------
1.  1.70 Mhz 8-Bit Ataris Get 10 Mbit Ethernet
----------------------------------------------------------------------
SecurityFocus
----------------------------------------------------------------------
2.  Vulnerabilities: Microsoft Windows 2000 TroubleShooter ActiveX Control Buffer Overflow Vulnerability. A vulnerability has been discovered in the Microsoft TroubleShooter ActiveX control. Because of this, it may be possible for a remote attacker to execute arbitrary with ...
3.  Vulnerabilities: Microsoft Messenger Service Buffer Overrun Vulnerability. Microsoft Messenger Service is a Windows service that is responsible for sending and receiving "net send" messages. The service also handles any messages that are sent v...
4.  Vulnerabilities: Microsoft Windows Help And Support Center URI Handler Buffer Overflow Vulnerability. Microsoft Windows contains a Help and Support Center (HSC) facility that provides help on several topics such as Windows features and hardware support. The HSC also conta...
5.  Vulnerabilities: Microsoft Exchange Server 5.5 Outlook Web Access Cross-Site Scripting Vulnerability. Microsoft Exchange Server 5.5 is an e-mail and directory server offered by Microsoft. Outlook Web Access is a service provided by Exchange server that allows users to ac...
----------------------------------------------------------------------
The Register
----------------------------------------------------------------------
6.  Megalomania™ - the board game for BOFHs. Episode 25 Monopolistic behaviour

4:32:27 AM    

----------------------------------------------------------------------
Hack the Planet
----------------------------------------------------------------------
1.  Small Net Builder: First Test of NETGEAR 108Mbps Wireless. 31Mbps is pretty disappointing compared to the promised 90Mbps.
----------------------------------------------------------------------
BBC News | Technology | UK Edition
----------------------------------------------------------------------
2.  E-mail scam targets online bank. Halifax becomes the latest target for an e-mail scam tricking customers into giving away bank details.
----------------------------------------------------------------------
SecurityFocus
----------------------------------------------------------------------
3.  Vulnerabilities: Microsoft ListBox/ComboBox Control User32.dll Function Buffer Overrun Vulnerability. A ComboBox control is a class used to display a drop-down list of predefined values, as well as a field that takes user-supplied input. A ListBox control is a similar cla...
4.  Vulnerabilities: Microsoft ActiveX Authenticode Verification Bypass Vulnerability. Authenticode is a component that allows for the verification of ActiveX controls. When a web page attempts to install an ActiveX control, Authenticode verifies the publi...

3:32:08 AM    

----------------------------------------------------------------------
Slashdot
----------------------------------------------------------------------
1.  ISWC'03 Gadget Show Videos
----------------------------------------------------------------------
Hack the Planet
----------------------------------------------------------------------
2.  Got Panther. Good job, Apple.
----------------------------------------------------------------------
NewsIsFree: Security
----------------------------------------------------------------------
3.  SiteKiosk Domain Billing Mechanism Can Be Bypassed By Local Users
4.  Opera Lets Remote Users Execute Arbitrary Files in the Local Zone Using a Specially Crafted IFRAME Tag

2:31:48 AM    


1:31:28 AM    


12:30:18 AM