Become a fan of Slashdot on Facebook

 


Forgot your password?
Close
typodupeerror
×
Security

Submission + - Mail Security: File Parsing Vulnerabilities (hyperphp.com)

Submitted by
devkhadka
devkhadka writes: "Multiple vulnerabilities have been discovered in Symantec Mail Security for Exchange, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system.The vulnerabilities are caused due to various errors within certain third-party file viewers and can be exploited to cause buffer overflows when a specially crafted file is checked. Successful exploitation allows execution of arbitrary code. And are exploited to cause buffer overflows by tricking a user into viewing a specially crafted file. The following file viewers are affected: * mifsr.dll * awsr.dll * kpagrdr.dll * exesr.dll * rtfsr.dll * mwsr.dll * exesr.dll * wp6sr.dll * lasr.dll"
Security

Submission + - Cracks in the Mac OS X Leopard firewall (hyperphp.com) 1

Submitted by
Anonymous Coward
Anonymous Coward writes: "In the course of functional testing, heise Security has discovered a series of problems and peculiarities in the way the firewall in Apple's new operating system behaves. These may have an effect on system security. As with previous versions, by default the firewall in Mac OS X Leopard is deactivated. But even if the user activates it manually, the system is far from sealed off. In tests carried out by heise Security it was possible to communicate with the time server from remote even with the firewall set to "Block all incoming connections" — even when the Mac was directly connected to the internet via a DSL connection. The time server is started automatically by the system. In wired LANs, the NetBIOS name server from the Samba package is also active and, despite the firewall, accessible."
Security

Submission + - USB hacks making physical access danger. (hyperphp.com)

Submitted by
devkhadka
devkhadka writes: "Yesterday i was in my college server room, I saw usb ports of different computers open here and there, and i was just known about the switchblades the day before yesterday. And a thought came into my mind if i were in the bank and i had my pendrive there what would happen? The thought strike into my mind and how week the security system is? because,The primary purpose of this tool is to silently recover information from Windows systems, such as password hashes, LSA secrets, IP information as well as browser history and autofill information as well as create a backdoor to the target system for later access.The tool takes advantage of a security hole in U3 drives that allows the creation of a virtual CD-ROM drive, whicn allows the Windows autorun feature to work (unless disabled on the target system). Even if autorun or a U3 drive is not used, the application can still be started by executing a single script on the drive."
Security

Submission + - Microsoft Tuesday Patched six instead of seven sec (hyperphp.com)

Submitted by
devkhadka
devkhadka writes: "Microsoft has released a total of six security bulletins for October 2007. The Redmond-based company has resolved vulnerabilities rated as "Critical" in Internet Explorer, Outlook Express, Windows Mail and Kodak Image Viewer. These vulnerabilities could allow an attacker to remotely execute code and gain control of unpatched systems. A fix for the Windows remote procedure call (RPC) service and the SharePoint patch, which was postponed on September 2007 Patch Tuesday, were rated merely as "Important" bulletins since they can only be misused for denial of service attacks or elevation of privileges."
Security

Submission + - Educational Hacking. Is it really a good idea?

Submitted by
devkhadka
devkhadka writes: "There are and always will be different views on security information disclosure ethics. Thus I will not argue in one direction or the other. I will instead bring up a case as a "food-for-brain" example. Would you trust someone that auction for a CD that "will make a hacker of you in only a few hours"? What if the same guy sells free tools to "steal usernames and passwords" and "Sniff out AOL conversations". For only 7.99 pounds you can also buy a "Easy virus construction" kit and "Ready Made Virus". Would you really believe it's all "for educational use only on your own pc to test for any flaws in your system"? Is this in any way educational, or is just another shortcut to help script kiddies to vandalize the internet? Is this really a good idea?"
PHP

Submission + - TOp 10 Firefox extensions, nerds must have (hyperphp.com)

Submitted by
devkhadka
devkhadka writes: "Narrowing the huge field of available add-ons down to the ten best was quite a challenge. Life hacker has published 10 most used firefox extensions that a nerd must have ,Your Firefox extension choices have everything to do with your needs, but the ten add-ons you'll find in the following pages are highly-evolved, robust and have proven their usefulness over and over.And this seem to be the must for most of the nerds."
Security

Submission + - How one fall in trap-fake login page,lose password (hyperphp.com)

Submitted by
devkhadka
devkhadka writes: "There are several fake loging page software available for download and any one with little knowledge can host the page in free host to trap the email password. There is a favourable senario of thousends of free host are providing space for fee. A person can make the dummy user feel they have loged out of the email program and ask to login, they dont look at the address bar and enter their passowrd in the fake page of evils and is saved there. In many case evil person sends a greetings link to the targeted person on the mail when one clicks on the link he/she sees a loged out page and is done.How much secure is hotmail server or how much strong is your password, doesnot mater much its just hacked in one minute. demonstration more"
Red Hat Software

Submission + - Fedora 8 Test 3 released (hyperphp.com)

Submitted by
devkhadka
devkhadka writes: "Fedora 8 Test 3 is here! This is the last test release before the evelopment freeze and a great time to test all those packages that you now and love. Test 3 is for beta users. This is the time when we must ave full community participation. Without this participation both hardware and software functionality suffers. Fedora is a Linux-based operating system that showcases the latest in free and open source software. Fedora is always free for anyone to use, modify, and distribute. It is built by people across the globe who work together as a community: the Fedora Project. The Fedora Project is open and anyone is welcome to join. Up-to-date release notes for Fedora 8 Test 3 can be found at http://docs.fedoraproject.org/release-notes."
Power

Submission + - Sun's Value of Design Innovation Launch - Oct. 9, (hyperphp.com)

Submitted by
devkhadka
devkhadka writes: "Is massive network growth making your datacenter inefficient and too complex to manage effectively? Are you reaching capacity limits on space, power, and cooling? Are you being asked to support more data, users, applications — and to provide more services — with less budget? So Learn how Sun's highly efficient, innovatively designed and open systems and technologies can help you virtualize your datacenter, maximize efficiency, increase utilization and scale, while using less energy, reducing IT footprint, and saving you money.
Event: Sun's Value of Design Innovation Launch Date: October 9, 2007
Time: 10:25 a.m. PDT
Location: http://sun.com/launch LIVE OCT 9, 2007
Find My Time Zone: http://communications1.sun.com/r/c/r?2.1.3J1.2Tc.12mkfc.C5CGkw..H.EigC.1nvs.JHOEeb00"
Security

Submission + - Catching thieves with Flickr (heise-security.co.uk)

Submitted by
devkhadka
devkhadka writes: "Social networks can not only be used to make new contacts, but also to track down thieves as events last week at Flickr.com showed. Four laptops and two iMacs, one of which had a web cam, were stolen from Canadian office services provider WorkSpace. The Flickrbooth plug-in for Apple's Photo Booth was installed on the iMac with the web cam. The program automatically sends photos taken with the web cam to the selected Flickr account. An employee at WorkSpace was naturally surprised when he looked into his Flickr account and saw that a new image had been uploaded — one of a tattooed man posing in front of the stolen iMac. The man apparently knew that the iMac was taking pictures of him, but not that it was sending them to Flickr. The image quickly became viral in forums and blogs all over the world. Shortly after, the suspected thief turned himself over to the police according to a report in the Vancouver Sun. He claims that he bought the computer from a friend of a friend but wished to return it. WorkSpace now hopes to get additional information about who the actual thieves are."
Sci-Fi

Submission + - Best Career path for nerds and University courses. (hyperphp.com) 1

Submitted by
devkhadka
devkhadka writes: "Are you a Nerd ? so its a good time to u.The colleges around the world are starting to appeal to the nerds in all of us.Here are the best Career path for the nerds starting form ROM hacking n video Game design to Atrificial intelligence and Network security to Ethical hacking.This list of 25 courses and programs offered at colleges around the world identifies some of the nerdiest coursework, starting with the most obvious, and winding up with the most obscure..."
Debian

Submission + - Debian refuses to push timezone update for NZ DST (debian.org)

Submitted by Jasper Bryant-Greene
Jasper Bryant-Greene writes: Although a tzdata release which includes New Zealand's recent DST changes (2007f) has been out for some time, Debian are refusing to push the update from testing into the current stable distribution, codenamed Etch, on the basis that "it's not a security bug". This means that unless New Zealand sysadmins install the package manually, pull the package from testing, or alter the timezone to "GMT-13" manually, all systems running Debian Etch in New Zealand currently have the incorrect time, as DST went into effect this morning. As the last comment in the bug report says, "even Microsoft are not this silly".
Upgrades

Submission + - Fedora Unity Releases Updated Fedora Linux 7 Re-S (fedoraunity.org) 1

Submitted by
devkhadka
devkhadka writes: "The Fedora Unity Project is proud to announce the release of new ISO Re-Spins (DVD and CD Sets) of Fedora 7. These Re-Spin ISOs are based on Fedora 7 and all updates released as of September 12th, 2007. The ISO images are available for i386 and x86_64 architectures via jigdo starting Friday, September 28th, 2007. We have included CD Image sets for those in the Fedora community that do not have DVD drives or burners available. Fedora Unity has taken up the Re-Spin task to provide the community with the chance to install Fedora with recent updates already included. These updates might otherwise comprise more than 700MiB of downloads for a default install. This is a community project, for and by the community. You can contribute to the community by joining our test process."
Intel

Intel To Rebrand Processors In 2008 125

Posted by kdawson from the clearing-the-cluttered-landscape dept.
DJ notes that TechARP has up a look at Intel's plans to rebrand their processors, including what must be a leaked internal chart of the old and new landscape of product names. This story doesn't seem to have been picked up anywhere else yet. Quoting: "We just heard from an anonymous source that Intel will be rebranding their processors in 2008... These new brand names will come into effect on the first day of 2008. Intel hopes that these new brands will not only leverage the strong Core 2 brand but also make it less confusing for the consumer. At the moment, the Intel Centrino mobile platform has five different logos with brands like Centrino, Centrino Duo and Centrino Pro. Starting from January 1, 2008, Intel will consolidate the Centrino Duo and Centrino brands under the Intel Centrino brand, and rename the Centrino Pro as Intel Centrino with vPro Technology."

Slashdot Top Deals

Scientists will study your brain to learn more about your distant cousin, Man.

Close