 |
|
| FriendFeed is the easiest way to share online. Learn more » |
The entry you requested is private
Cisco TAC for decoding:
Log message generated when receiving invalid update: RP/0/RP0/CPU0:Aug 17 13:47:05.896 GMT: bgp[122]: %ROUTING-BGP-5-ADJCHANGE : neighbor 192.168.0.1 Down - BGP Notification sent: invalid or corrupt AS path
- Peter Dawson
if storedHash = hashFcn(userPassword & storedSalt) //9,999,999,999 tests if you randomly store the storedSalt ANYWHERE within userPassword, it becomes for (int i=0; i<len(userPassword); i++) { String toTest = substring(userPassword,0,i) & storedSalt & substring(userPassword,i) if storedHash = hashFcn(toTest) { return true; } } return false;...
cracking the 10Million dollar Computer !
- Peter Dawson
Iron Geek: XSS, Command and SQL Injection vectors: Beyond the Form - http://www.rootsecure.net/... (via http://friendfeed.com/cloud-d...)
Information on the bug (XML Bomb): http://blog.didierstevens.com/2008...
a new bug within the TCP/IP-protocol. - http://www.t2.fi/2008...
Google Chrome Browser Vulnerability - http://evilfingers.com/advisor...
An issue exists in how chrome behaves with undefined-handlers in chrome.dll version 0.2.149.27. A crash can result without user interaction. When a user is made to visit a malicious link, which has an undefined handler followed by a 'special' character, the chrome crashes with a Google Chrome message window "Whoa! Google Chrome has crashed. Restart now?". It fails in dealing with the POP EBP instruction when pointed out by the EIP register at 0x01002FF4.
- Peter Dawson
Details: - Type of Issue : Buffer Overflow. - Affected Software : Google Chrome 0.2.149.27. - Exploitation Environment : Google Chrome on Windows XP SP2. - Impact: Remote code execution. - Rating : Critical. http://security.bkis.vn/Proof-O...
- Peter Dawson
Dr. Dobb's Portal: Browser Extension Thwarts Internet Eavesdropping "The system, called Per... - http://www.rootsecure.net/...
Judge Lifts Gag Order against MIT Subway Hackers, Slides Published ... - DailyTech - http://news.google.com/news...
Darknet: OpenVAS - Open Vulnerability Assessment System (Nessus is Back!) - http://www.rootsecure.net/...
Not-So "Breaking News", (Sun, Aug 17th) - http://isc.sans.org/diary...
“Coderman - "hypothesis that "security researchers" are all masturbating monkey"” - http://friendfeed.com/e...
vector variables
If a vector variable is stored in a register, gcc writes debug information telling gdb which register the variable is stored in. This mapping is changed between gcc2 & gcc3. Since there isn't anything in the debug output to distinguish code compiled by gcc3 from code compiled by gcc2, there is no way for gdb to know the right map. gdb supports the gcc3 map. If vector code is compiled by gcc2 as in the case of IOS, then the register assignment will be off by 1.
- Peter Dawson
Security assessment of the internet protocol - http://www.cpni.gov.uk/Product...
shadowserver data - http://www.shadowserver.org/wiki...
snoop could allow an attacker to execute arbitrary - http://sunsolve.sun.com/search...
Search Security: Researchers use browser to elude Vista memory protections [pdf] - http://www.rootsecure.net/...
keep vault copy
- Peter Dawson
"Surf Jack" will not save you - on stealing session cookies - http://www.vimeo.com/1507697
neato trick
- Peter Dawson
CyberWar RU vs Georgia - http://rbnexploit.blogspot.com/2008...
Agency sues to stop Defcon speakers from revealing gaping holes - http://www.theregister.co.uk/2008...
7 days of seeding to impact. - http://www.kaspersky.com/news...
past presentations from Blackhat and Deepsec - http://www.sec-consult.com/publika...
method of error-based SQL injection in Sybase databases - http://www.sec-consult.com/files...
method of using DLL injection to interface to an SSL connection used by a running process - http://www.sec-consult.com/files...
Team Shatter released the Oracle REFRESHHOME Parameter hack - http://www.oracle.com/technol...
Other ways to read this feed:
