Berkeley CSUA MOTD:Entry 33883
Berkeley CSUA MOTD
 
WIKI | FAQ | Tech FAQ
http://csua.com/feed/
2025/05/24 [General] UID:1000 Activity:popular
5/24    

2004/10/1-4 [Computer/SW/OS/Windows, Computer/SW] UID:33883 Activity:nil
10/1    So I downloaded the gdi scan tool from: http://isc.sans.org/gdiscan.php
        and it detected a problematic gdiplus.dll for a 3rd party app.  How do
        I fix it?
        \_ Bug the 3rd-party developer to fix it, or be very careful about
           viewing untrusted content with that App.  If *any* program can view
           a 'questionable' JPEG, then the JPEG is not infected.  All infected
           JPEGS are corrupt.
           \_ Well FYI it's Paint Shop Pro 9.  Buyer beware.
        \_ To give an example of programs where you would least likely expect
           GDI+ to be used, I know that QuickBooks actually uses it, and they
           haven't replaced the GDIPLUS.DLL yet.  In fact, they knew absolutely
           NOTHING about this security issue, and I had to IM a former
           co-worker there to tell him to get that shit patched ASAP.  I'm glad
           I got the hell out of there. -phale
           \_ I was never too much of a l33t QuickBooks user, but where would
              you be opening some arbitrary jpegs with it?  Designing a form
              layout?
              \_ Yah, designing a form layout for an invoice or something.  But
                 you can also download a form layout that somebody else has
                 created, which will cause QB to open up any JPEGs that have
                 been embedded inside of that form layout datafile.  Granted,
                 it isn't too likely this would happen, but I've found out the
                 hard way never to underestimate the stupid things people do
                 with their computers. -phale
                 \_ But if the JPEGS are viruses, no benign user could embed
                    them in the layout file (because it would crash).  You'd
                    need someone to construct a Quickbooks layout file virus.
                    \_ Actually, no, you could create the file without QB
                       opening up the JPEG during creation.  It just does a
                       simple copy into another datafile.  But when the new
                       file is opened by another user, the JPEG gets opened up.
                       Short answer is that is possible, and I actually tried
                       it already on one of my windoze 2000 boxes.  I think I
                       will leave it at that, as I've probably said way too
                       much already. -phale
        \_ What the hell is Microsoft Ink, and why does it have an unpatched
           .dll on my machine?
           \_ Who is general failure, and why is he reading my disk!?
              \_ It's all the fault of General Protection.
2025/05/24 [General] UID:1000 Activity:popular
5/24    

You may also be interested in these entries...
2013/3/25-5/18 [Computer/SW/OS/Windows] UID:54639 Activity:nil
3/25    It's strange that only every other Windows version is a hit.
        NT 4.0: hit
        2000:   flop
        XP:     hit
        Vista:  flop
        7:      hit
	...
2011/12/23-2012/2/6 [Computer/Rants] UID:54271 Activity:nil
12/23   http://venturebeat.com/2011/12/22/uc-berkeley-google-apps
        Oh noes! What Would Bill Gates Do?
        \_ http://lauren.vortex.com/archive/000701.html
           Microsoft to Transition Corporate IT to Google Apps
	...
2011/11/27-2012/1/10 [Computer/HW/Drives] UID:54244 Activity:nil
11/27   CalMail has been down for a few days (hardware failure and database
        corruption -- sounds like fun!) and is starting to come back online.
        Looks like they're planning to outsource all campus mail to either
        Google Apps or Microsoft 365 as part of Operational Excellence.
        <DEAD>kb.berkeley.edu/jivekb/entry!default.jspa?externalID=2915<DEAD>
        \_ http://ist.berkeley.edu/ciocalmailupdates/november-30-2011
	...
2011/11/8-30 [Computer/SW/Security, Computer/SW/OS/Windows] UID:54218 Activity:nil
11/8    ObM$Sucks
        http://technet.microsoft.com/en-us/security/bulletin/ms11-083
        \_ How is this different from the hundreds of other M$ security
           vulnerabilities that people have been finding?
           \_ "The vulnerability could allow remote code execution if an
               attacker sends a continuous flow of specially crafted UDP
	...
2013/12/21-2014/2/5 [Computer/SW] UID:54759 Activity:nil
12/21   I was laid off and started filing for EDD for my weekly pay.
        I just got a job. Is there a form I need to file, or do I just
        stop filing out EDD to get my weekly pay? As a side note, how
        do they actually know I am working or not?
        \_ You just stop filing and they stop paying; you don't need to do
           anything else.  I don't know the internals of how they do things,
	...
2014/1/14-2/5 [Computer/SW/Languages/C_Cplusplus] UID:54763 Activity:nil
1/14    Why is NULL defined to be "0" in C++ instead of "((void *) 0)" like in
        C?  I have some overloaded functtions where one takes an integer
        parameter and the other a pointer parameter.  When I call it with
        "NULL", the compiler matches it with the integer version instead of
        the pointer version which is a problem.  Other funny effect is that
        sizeof(NULL) is different from sizeof(myPtr).  Thanks.
	...
2013/12/28 [Computer/SW/Security] UID:54760 Activity:nil
12/28   Happy holidays everyone.
        For some reason my work's ip address gets logged in /etc/hosts.deny and\
I cannot ssh in anymore from work
        (except from home where I can ssh in fine): anyone knows if this file is\
 auto-generated due to some event? Thanks
	...
2013/3/24-5/18 [Computer/SW/Unix] UID:54638 Activity:nil
3/24    How are people transferring large files to one other person these days?
        When I need to send some videos to my parents, I upload them to
        my SpiderOak account, but they don't have anything like that,
        so I'm not sure how to get videos from them.  Does DropBox do this
        for free?
        \_ DropBox +
	...
2013/4/9-5/18 [Computer/SW/Languages/C_Cplusplus, Computer/SW/Apps, Computer/SW/Languages/Perl] UID:54650 Activity:nil
4/04    Is there a good way to diff 2 files that consist of columns of
        floating point numbers, such that it only tells me if there's a
        difference if the numbers on a given line differ by at least a given
        ratio?  Say, 1%?
        \_ Use Excel.
           1. Open foo.txt in Excel.  It should convert all numbers to cells in
	...
2013/2/19-3/26 [Computer/SW/OS/OsX] UID:54611 Activity:nil
2/19    I program a lot by sshing to a Linux cluster.  So I'm used to using
        Xemacs to code.  This works fine from a Linux or Windows workstation,
        but sometimes I have to use a Mac.  On Mac, the meta is usually
        bound to option, but that often doesn't work over ssh for some reason.
        This makes using emacs a real pain.  Any suggestions on how to fix it?
        (Other than "use vi")
	...
2012/12/18-2013/1/24 [Computer/SW/Languages/Perl] UID:54561 Activity:nil
12/18   Happy 25th birthday Perl, and FUCK YOU Larry Wall for fucking up
        the computer science formalism that sets back compilers development
        back for at least a decade:
        http://techcrunch.com/2012/12/18/print-happy-25th-birthday-perl
        \_ I tried to learn Perl but was scared away by it.  Maybe scripting
           lanauages have to be like that in order to work well?
	...
Cache (1124 bytes)
isc.sans.org/gdiscan.php
Handler's Diary: Request for AIM IDs Involved with GDI Exploits; It will signal completion of scan in text box with "Done." Remember that dlls are loaded in the following order (note: this is a VAST simplification): * The directory from which the application loaded. These are old versions left behind for uninstal purposes. It will exit with a return code of 1 if it can not open the log file. The command line version will not overwrite the log file. Please do not mirror the file, as updates may be made available at any time without notice. THIS APPLICATION IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, WARRANTIES THAT THE COVERED CODE IS FREE OF DEFECTS, MERCHANTABLE, FIT FOR A PARTICULAR PURPOSE OR NON-INFRINGING. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE COVERED CODE IS WITH YOU. SHOULD ANY COVERED CODE PROVE DEFECTIVE IN ANY RESPECT, YOU (NOT THE INITIAL DEVELOPER OR ANY OTHER CONTRIBUTOR) ASSUME THE COST OF ANY NECESSARY SERVICING, REPAIR OR CORRECTION. THIS DISCLAIMER OF WARRANTY CONSTITUTES AN ESSENTIAL PART OF THIS LICENSE.