Berkeley CSUA MOTD:Entry 12297
Berkeley CSUA MOTD
 
WIKI | FAQ | Tech FAQ
http://csua.com/feed/
2025/05/28 [General] UID:1000 Activity:popular
5/28    

2004/2/18 [Computer/SW/OS/Windows, Computer/SW/OS] UID:12297 Activity:nil
2/18    First exploit based on the win* src:
        http://www.securitytracker.com/alerts/2004/Feb/1009067.html
        \_ How does it execute arbitrary code?
           \_ can someone post a h4x0ring tutorial so this question can be
              answered?
        \_ I never used a p2p program before, but I am curious about this src
           thing and I downloaded mute.  Yet I can't get it to work.  Is the
           server down?  Which port should should I tell my fw to let thru?
2025/05/28 [General] UID:1000 Activity:popular
5/28    

You may also be interested in these entries...
2009/6/1-3 [Computer/HW/CPU] UID:53068 Activity:high
5/31    History of winners and losers by *popularity*:
        VHS > Beta Max
        USB2 > Firewire
        x86 > PowerPC > Everything Else > DEC Alpha > Itanium
        BlueRay > HDDvd
        \_ It's too early to tell RE: "Blue"Ray. They may both turn out to be
	...
2008/2/1-7 [Computer/Companies/Google, Computer/SW/OS/Windows] UID:49047 Activity:kinda low
2/1     MS tries to buy Yahoo
        \_ GOOG 514.60  -49.70
           :-)
           I'm not the "short GOOG" guy, just someone who envies Google
           employees.
        \_ Official buyout letter from MSFT http://tinyurl.com/3ysrzu
	...
2007/4/13-16 [Computer/SW/WWW/Browsers] UID:46291 Activity:nil
4/13    I use IE7 to browse a web site, and the server says the UserAgent
        string is
        "UserAgent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.2; .NET
        CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30)"
        Is MS bowing to the Mozilla community?
        \_ What are you talking about?  IE has always reported its UserAgent
	...
2006/2/10-13 [Computer/SW/WWW/Browsers] UID:41793 Activity:moderate
2/10    "Spyware Barely Touches Firefox"
        http://news.yahoo.com/s/cmp/20060210/tc_cmp/179102616
        "Internet Explorer users can be as much as 21 times more likely to end
        up with a spyware-infected PC than people who go online with Mozilla's
        Firefox browser, academic researchers from Microsoft's backyard said in
        a recently published paper."
	...
2005/11/2-4 [Computer/SW/WWW/Browsers] UID:40409 Activity:low
11/2    Firefox 1.5rc1 is out:
        http://www.mozilla.org/projects/firefox
        \_ Does it use less memory than 1.0.x?
           \_ Leakiness seems a bit better, but that's fairly subjective.  Page
              rendering times and forward/back are buttloads faster.  --dbushong
              \_ How about comparing to IE-whatever-the-latest-version?
	...
2005/6/27-28 [Computer/SW/OS/OsX] UID:38329 Activity:kinda low
6/27    For anyone who's owned a G5 running OS X (10.3 or 10.4), how often do
        you need to reboot if it's being used as a workstation?
        \_ Occasionally you will run into the Windows NT syndrome of the system
           needing a reboot for a system software patch - I'd say about once
           every couple of months on a stable release, and once or twice a
           month on a new one.  Other than that, I have never seen a piece of
	...
2005/5/12-13 [Computer/HW/Laptop, Computer/SW/Languages/Misc] UID:37652 Activity:kinda low
5/11    If you noticed that your laptop HD never rests because it's doing
        something, and you've already killed all auxilary processes and made
        drives not "Fast Indexable", it's the explorer that's funky. Here
        is one solution. Kill explorer and then run it again. You can use
        a batch file script:
        taskkill -im explorer.exe /f
	...
2005/5/12-13 [Computer/SW/WWW/Browsers] UID:37647 Activity:nil 66%like:37643
5/11    Firefox 1.0.4 out.
        http://www.mozilla.org/products/firefox/releases/1.0.4.html
        \_ Sigh, it's looking more like IE -- non-stop never ending updates to
        \_ Sigh, it's looking more like IE -- non-stop never-ending updates to
           fix security holes.
           \_ do you actually use IE?
	...
2005/5/5-6 [Computer/SW/WWW/Browsers, Computer/SW/OS/Windows] UID:37537 Activity:moderate
5/5     I have only owned Macs until getting a cheap pc recently, so I don't
        even know what registry is.  What book/ resource do you recommend
        that will help me become a competent windoze user, starting with
        securing it from virus/attacks?  tia
        \_ get a router for internet access if you havn't done so already,
           PC magazine recently had an article on how to secure your PC. At
	...
2011/11/29-2012/1/10 [Computer/HW/Printer] UID:54245 Activity:nil
11/29   HP printers might have a remote exploit that could set them on fire:
        http://preview.tinyurl.com/brh9bbq [ars technica]
        \_ Finally a use for the "printer on fire" error code!
           http://en.wikipedia.org/wiki/Lp0_on_fire
	...
2011/11/9-30 [Computer/SW/Security, Computer/SW/OS/OsX] UID:54219 Activity:nil
11/9    Unsigned code execution exploit in iOS 4.3 & 5:
        http://preview.tinyurl.com/bslubtu [arstechnica]
        \_ Fixed in iOS 5.0.1:
           http://preview.tinyurl.com/7l4vq52 [macobserver]
	...
2009/7/26-29 [Computer/SW/Security] UID:53200 Activity:nil
7/25    so is this a remote ssh exploit ?
        http://users.volja.net/database/matasano.PNG
        \_ No but this is:
           soda> ssh anywhere
	...
2009/7/8-16 [Computer/SW/OS/Linux, Computer/SW/Unix] UID:53124 Activity:nil
7/7     what happened to our web presence? http://www.csua.berkeley.edu
        not working
    \_ That would be because we've yet to set them up afaik. Steven *does* have
    a job after all. The idea is that we want a separate computer mounting the
    web directories, so that if an exploit compromises the webserver, the shell
    server (soda) itself will be insulated from the attack.
	...
2009/3/8-17 [Computer/SW/Unix] UID:52685 Activity:kinda low
3/8     I'm reading about an old exploit where someone used a buffer overflow
        in a printer daemon to get "daemon privileges," which allowed them
        to use another exploit on the mail delivery program to get root.  I'm
        not sure what daemon privileges are.  Is there some set of priveleges
        that most daemons run on that is higher than user but lower than root?
        What are they?  I've never heard this before.
	...
2008/12/10-16 [Computer/HW/CPU, Computer/HW/Drives] UID:52220 Activity:moderate
12/9    Another idea for the CSUA that lets you spend money and maybe get some
    cool toys. Instead of buying a beefy server (like say, a massive server
    with 20 386DX processors), buy a few cheap machines (like the ones
    mentioned below) that have good disks and work on failover / load
    balancing. A netscaler or other piece of hardware is complete overkill,
    but maybe hacking an OpenBSD box could do the trick. The idea is that
	...
2008/8/19-21 [Politics/Domestic/Crime, Computer/SW/OS] UID:50907 Activity:high
8/19    Exploit code downloads backdoor from two sources one .cc one local
        box on <DEAD>icq-mail.net<DEAD> (an link:secureserver.net) (upstream isp is sbcglobal
        (now ATT)).  both sources are still serving up the malicious .EXEs
        Who should I report this to?
        \_ are you getting DKAMINSKY DNS EXPLOITED???????????
           \_ no, i'm getting "my users are dumb asses" exploited.
	...
Cache (670 bytes)
www.securitytracker.com/alerts/2004/Feb/1009067.html
Description: A vulnerability was reported in Microsoft Internet Explorer IE version 5. It is reported that a remote user can create a specially crafted bitmap file that, when loaded by IE, will trigger an integer overflow and execute arbitrary code. The author states that this flaw was found by reviewing the recently leaked Microsoft Windows source code. The report indicates that IE 5 is affected but that IE 6 is not affected. A demonstration exploit is provided in the Source Message it is Base64 encoded. Impact: A remote user can cause arbitrary code to be executed on the target users computer when the target users browser loads a specially crafted bitmap file.