При Гого
|
 |
Меню |  |
| Галерия
Блог Наръчници Програми Джаджи Програма СВ |
||
|
За връзка | |
|
Други | |
| Slackware Book Bugtraq Geodar.com stats Linux for Bulgarians! PacketStormSecurity |
||
Новинки:• 20ти Септември: Взехме си кола :)• 4ти Октомври: Добавен Macbook 2.0GHz в Джаджи • 4ти Октомври: Добавена Yamaha YPG-625 в Джаджи • 9ти Февруари: Обновена програма за пролет 2006 • 23ти Януари: Добавих статистики за потдомейните на geodar.com. • 19ти Януари: Галя и Коцето ще се женят!Ето малко снимки от годежа. • 27ми Декември: PGP ключа ми изтича днес. Кликнете тук за новят ми ключ. • 24ти Декември: Добавих iBoko G4 в Джаджи • 22ри Декемрви: купих си iBook :D • 10ти Декемрви: Добавих секция Програми |
Блог:• Училище свърши, започна работата!• Пържене на домати • Взехме си ролери • Perl скрипт за пращане на писма през Gmail • Ориз • Чугунен тиган • Архивиране на видео подкаст • За телешките пържоли • Нова категория • Наредихме си пъзела |
/.• Which Open Source Video Apps Use SMP Effectively?• EC2 Vs. App Engine Vs. GoGrid Vs. AppNexus • Google Blogger “Hosts 2% of World’s Malware” • Practical Django Projects • NAO Humanoid Robot Set To Hit the Market • Why Power Failures Can Always Lead To Data Loss • Video Game Labeling Law Passed In New York • SF Admin Gives Up Keys To Hijacked City Network • MySpace Joins OpenID Coalition • First Images of Russian-European Manned Spacecraft • Slimmed Down MySQL Offshoot Drizzle is Built For the Web • Speculation On a Second Internet Economy Collapse • World’s Oldest Bible Going Online • Next Generation SSDs Delayed Due To Vista • Is Anyone Using the Google Web Toolkit? |
NewsForge:• Veteran developer ditches Microsoft for open source• Hyperic's CloudStatus demo and interview (video) • Network Security Toolkit distribution aids network security administrators • CLI Magic: For geek cred, try these one-liners • Panel discusses openness at OSCON • Why not learn a little language while you work, Amigo? • Linux tools to convert file formats • Designing rich AJAX Web interfaces with ZK • Seneca College teams with FOSS projects for hands-on learning • The power of cross-platform synchronization • Firefox add-on Glubble too clunky and restrictive as a children's Internet filter • FSF organizes against Anti-Counterfeiting Trade Agreement • Ubuntu hits new high in Linux boredom • Jump start your Web app deployment with a JumpBox • Explore your database with Talend Open Profiler • Is SCO finally dead? • Use xfs_fsr to keep your XFS filesystem optimal • Proprietary software? Counsel objects • Sweet Home 3D: simple interior design • Nifty tools for your Asus Eee PC |
Bugtraq:• Vuln: Mozilla Firefox CSSValue Array Data Structure Remote Code Execution Vulnerability• Vuln: PHP 5.2.4 and Prior Versions Multiple Vulnerabilities • Vuln: PHP cURL 'safe mode' Security Bypass Vulnerability • Vuln: PHP 5.2.5 and Prior Versions Multiple Vulnerabilities • Bugtraq: [ MDVSA-2008:153 ] - Updated emacs packages fix vulnerability • Bugtraq: [SECURITY] [DSA 1615-1] New xulrunner packages fix several vulnerabilities • Bugtraq: [SECURITY] [DSA 1614-1] New iceweasel packages fix several vulnerabilities • Bugtraq: Re: Wordpress Malicious File Execution Vulnerability • More rss feeds from SecurityFocus |
|
PacketStormSecurity:• dns-writeup.txt - Interesting write up discussing DNS cache poisoning then and now.• USN-627-1.txt - Ubuntu Security Notice 627-1 - Dan Kaminsky discovered weaknesses in the DNS protocol as implemented by Dnsmasq. A remote attacker could exploit this to spoof DNS entries and poison DNS caches. Among other things, this could lead to misdirected email and web traffic. • DSECRG-08-032.txt - Claroline eLearning and eWorking Platform version 1.8.10 suffers from cross site scripting vulnerabilities. • dsa-1613-1.txt - Debian Security Advisory 1613-1 - Multiple vulnerabilities have been identified in libgd2, a library for programmatic graphics creation and manipulation. The Common Vulnerabilities and Exposures project identifies the following three issues: • MDVSA-2008-151.txt - Mandriva Linux Security Advisory - A buffer overflow vulnerability in libxslt could be exploited via an XSL style sheet file with a long XLST transformation match condition, which could possibly lead to the execution of arbitrary code. The updated packages have been patched to correct this issue. • sipwitch-0.2.2.tar.gz - GNU SIP Witch is a pure SIP-based office telephone call server that supports generic phone system features like call forwarding, hunt groups and call distribution, call coverage and ring groups, holding, and call transfer, as well as offering SIP specific capabilities such as presence and messaging. It supports secure telephone extensions for making calls over the Internet, and intercept/decrypt-free peer-to-peer audio and video extensions. It is not a SIP proxy, a multi-protocol telephone server, or an IP-PBX, and does not try to emulate Asterisk, FreeSWITCH, or Yate. • pkd-1.0.tgz - ipt_pkd is an iptables extension implementing port knock detection. This project provides 3 parts: the kernel module ipt_pkd, the iptables user space module libipt_pkd.so, and a user space client knock program. For the knock packet, it uses a UDP packet sent to a random port that contains a SHA-256 of a timestamp, small header, random bytes, and a shared key. ipt_pkd checks the time window of the packet and does the SHA-256 to verify the packet. The shared key is never sent. • shopcartdx-sql.txt - ShopCartDx version 4.30 suffers from a remote SQL injection vulnerability. • youtubeblog-rfisqlxss.txt - YouTube Blog version 0.1 suffers from remote file inclusion, SQL injection, and cross site scripting vulnerabilities. • intellitamper-overflow.txt - IntelliTamper version 2.0.7 html parser remote buffer overflow exploit. • modjk1219-overflow.txt - Apache mod_jk version 1.2.19 remote buffer overflow exploit for win32. • zdaemonull.zip - ZDaemon version 1.08.07 denial of service exploit that makes use of a NULL pointer vulnerability. • zdaemonull.txt - ZDaemon version 1.08.07 suffers from a NULL pointer vulnerability that allows for a denial of service. • glsa-200807-12.txt - Gentoo Linux Security Advisory GLSA 200807-12 - bannedit reported a boundary error when handling overly long IRC MODE messages (CVE-2007-4584). Nico Golde reported an insecure creation of a temporary file within the e_hostname() function (CVE-2007-5839). Versions less than or equal to 1.1-r4 are affected. • dsa-1612-1.txt - Debian Security Advisory 1612-1 - Several vulnerabilities have been discovered in the interpreter for the Ruby language, which may lead to denial of service or the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems: ... |
|