Changes

From Security Weekly Wiki
Jump to navigationJump to search
642 bytes added ,  15:03, 27 July 2007
no edit summary
[http://christ1an.blogspot.com/2007/07/dns-pinning-explained.html DNS Pinning: What's all the buzz about?] - [PaulDotCom] - Many have been talking about DNS pinning, and esp Anti DNS Pinning which circumvents browser protections for script code to access web sites it did not originate from. It will be covered at Black Hat in a few people's talks, see [http://www.darkreading.com/document.asp?doc_id=129431 article].
 
[http://www.heise-security.co.uk/news/93030/from/atom10 Buffer Overflow Strikes tcpdump] - [PaulDotCom] - A message to all users of Backtrack and other CD ISOs, you need to update. If there is no patch available, don't use this software. This appears to be a very easy vulnerability to exploit, "Based on an unfiltered integer overflow in the print-bgp.c file, specially crafted border gateway protocol (BGP) packets may cause a buffer overflow in a snprintf() function". How long has that vulnerability been present? Looks like its [http://milw0rm.com/exploits/1037 not the first time the BGP handling code has been exploited]. Yikes...
2,337

edits

Navigation menu