Berkeley CSUA MOTD:Entry 19258
Berkeley CSUA MOTD
 
WIKI | FAQ | Tech FAQ
http://csua.com/feed/
2025/04/07 [General] UID:1000 Activity:popular
4/7     

2000/9/15-18 [Computer/SW/Security] UID:19258 Activity:nil
9/15    Someone mentioned a security hole proftpd versions post 1.2.0pre9
        (though the web page seems to think anything after 1.2.0pre9 is o.k.)
        Can someone tell point me to specifics. I'm running pre10, but older
        than the date that was specified. More info please.
        \_ if there was one, it would probably be in the bugtraq archives
           on http://securityfocus.com
        \_ yes, see http://securityfocus.com; no successful exploits are known yet (or,
           if there are, they've been an extraordinarily well-kept secret). And
           yes, older pre10's are still [theoretically] vulnerable.
2025/04/07 [General] UID:1000 Activity:popular
4/7     

You may also be interested in these entries...
2012/8/26-11/7 [Computer/SW/Security] UID:54465 Activity:nil
8/26    Poll: how many of you pub/priv key users: 1) use private keys that
        are not password protected 2) password protect your private keys
        but don't use ssh-agent 3) use ssh-agent:
        1) .
        2) ..
        3) ...
	...
2012/8/7-10/17 [Computer/SW/Security] UID:54455 Activity:nil
8/6     Amazon and Apple have lame security policies:
        http://www.wired.com/gadgetlab/2012/08/apple-amazon-mat-honan-hacking/all
        "First you call Amazon and tell them you are the account holder, and
         want to add a credit card number to the account. All you need is the
         name on the account, an associated e-mail address, and the billing
         address. "
	...
2012/7/18-8/19 [Health/Men, Computer/SW/Security] UID:54438 Activity:nil
7/18    "Largest penis record holder arouses security suspicions at airport"
        http://www.csua.org/u/x2f (in.news.yahoo.com)
        \_ I often have that same problem.
        \_ I think the headline writer had some fun with that one.
           \_ One time when I glanced over a Yahoo News headline "U.S. busts
              largest-ever identity theft ring" all I saw was "U.S. busts
	...
2012/4/23-6/1 [Computer/SW/WWW/Browsers] UID:54360 Activity:nil
4/19    My Firefox 3.6.28 pops up a Software Update box that reads "Your
        version of Firefox will soon be vulnerable to online attacks."  Are
        they planning to turn off some security feature in my version of
        Firefox?
        \_ Not as such, no, but they're no longer developing this version,
           so if a 3.6.x-targeted hack shows up, you're not going to get
	...
2011/11/8-30 [Computer/SW/Security, Computer/SW/OS/Windows] UID:54218 Activity:nil
11/8    ObM$Sucks
        http://technet.microsoft.com/en-us/security/bulletin/ms11-083
        \_ How is this different from the hundreds of other M$ security
           vulnerabilities that people have been finding?
           \_ "The vulnerability could allow remote code execution if an
               attacker sends a continuous flow of specially crafted UDP
	...
2011/11/11-30 [Computer/SW/Security] UID:54224 Activity:nil
11/11   MacOSX's Sandbox security hole:
        http://preview.tinyurl.com/7ph2wtg [arstechnica]
	...
2011/2/10-19 [Computer/SW/Security] UID:54034 Activity:nil
2/9     http://www.net-security.org/secworld.php?id=10570
        Summary: iPhone passwd storage is unsafe after all
	...
Cache (770 bytes)
securityfocus.com
Automating Windows Patch Mngt: Part III By Jonathan Hassell May 10, 2004 The final installment of this series discusses two alternative, low cost tools to manage the application of patches to Windows systems, and also provides information on the upcoming, revised Software Update Services (SUS) from Microsoft. Common Security Vulnerabilities in e-commerce Systems By K K Mookhey Apr 26, 2004 This article discusses common attacks and vulnerabilities in e-commerce shopping cart systems, with reference to SecurityFocus vulnerability reports where relevant. Introduction to Nessus By Harry Anderson Oct 28, 2003 This article describes the installation, configuration and features of the latest version of Nessus, a powerful and free client-server based security scanner.