Changes

From Security Weekly Wiki
Jump to navigationJump to search
397 bytes added ,  20:57, 8 March 2007
[http://news.zdnet.com/2100-1009_22-6163822.html Month of PHP Bugs] - [Larry] - Psssst! PHP is insecure...so much so there are more bonus bugs than real bugs!
  [http://www.theregister.co.uk/2007/03/08/who_is_vladuz/ Vladuz <3's eBay] - [Joe] - "Vladuz's break-ins may be limited, but his work has been accompanied by what critics say is a sudden spike in the number of fraudulent auctions on the site. As evidence, they point to the sharply increased volatility in the number of auctions being offered, and then removed, from hour to hour since the end of January."
[http://www.securityfocus.com/bid/19399/discuss CA Virus Downgrade Vulnerability] - [PaulDotCom] - Malware will typically try to kill anit-virus programs running on the infected system as its first step. This may not always go unnoticed. However, if you are able to downgrade the virus defs to install some more juicy malware, that may very well go unnoticed.
[http://bindshell.net/papers/ftppasv Manipulating FTP Clients Using The PASV Command] - [PaulDotCom] - Cool paper which is able to do portscanning and banner grabbing using the FTP PASV command. Includes PoC.
 
 
 
 
 
 
= Other Stories of Interest =
156

edits

Navigation menu