Changes

From Security Weekly Wiki
441 bytes added, 15:05, 27 July 2007
no edit summary
[http://www.heise-security.co.uk/news/93030/from/atom10 Buffer Overflow Strikes tcpdump] - [PaulDotCom] - A message to all users of Backtrack and other CD ISOs, you need to update. If there is no patch available, don't use this software. This appears to be a very easy vulnerability to exploit, "Based on an unfiltered integer overflow in the print-bgp.c file, specially crafted border gateway protocol (BGP) packets may cause a buffer overflow in a snprintf() function". How long has that vulnerability been present? Looks like it's [http://milw0rm.com/exploits/1037 not the first time the BGP handling code has been exploited]. Yikes...
 
[http://www.f-secure.com/weblog/#00001233 Bulletproof Hosting?] - [PaulDotCom] - Can't Google do something about this? There has to be a way for Google to come up with a SPAM rating, I mean come on, they produce some awesome stuff like Google Maps, but then let silly things like this get through. I'm not saying filter it, but a rating system of some kind or warning would be nice. Then again, false positives would really piss ppl off.