Open Source Archive
Thursday, April 05, 2007 12:50 PM/EST
The Mozilla Foundation is looking at disabling support for the Windows animated cursor format as a workaround for the ANI vulnerability that has left Windows systems open to exploit and complete takeover for the past week. Firefox users who use...
Read more... | |
del.icio.us |
digg.com | View all of
Browsers
Tuesday, March 27, 2007 2:11 PM/EST
The new version of HD Moore's point-and-click Metasploit Framework that was rewritten from scratch in the Ruby scripting language is ready to penetrate, pick at patches, regress test and otherwise hack away. Moore has said that the primary goals of...
Read more... | |
del.icio.us |
digg.com | View all of
Exploits and Attacks
Friday, March 16, 2007 6:36 PM/EST
It turns out that, after years of engineering work and collaboration efforts with strategic partners such as IBM, Red Hat's March 14 release of Red Hat Enterprise Linux 5 had the misfortune of coinciding with the company's release of a...
Read more... | |
del.icio.us |
digg.com | View all of
Open Source
Thursday, March 15, 2007 2:31 PM/EST
The open-source operating system OpenBSD has a critical remote kernel buffer overflow vulnerability in its IPv6 protocol stack that can allow for a remote attacker to take over the system with malformed e-mail, Core Security Technologies disclosed on March 13....
Read more... | |
del.icio.us |
digg.com | View all of
Exploits and Attacks
Wednesday, March 07, 2007 6:32 PM/EST
Core Security Technologies has discovered a flaw in GNU Privacy Guard—the open-source cryptographic software system that's part of the GNU software project and at the heart of third-party e-mail that's signed, encrypted and trusted—that allows attackers to reach into e-mail...
Read more... | |
del.icio.us |
digg.com | View all of
Flaws
Wednesday, March 07, 2007 12:14 PM/EST
The Mozilla Foundation reported on Monday that a critical JavaScript bug in the Firefox browser and in the SeaMonkey Internet application suite could allow a malicious Web site to inject arbitrary code into a vulnerable PC. The bug was inadvertently...
Read more... | |
del.icio.us |
digg.com | View all of
Browsers
Wednesday, March 07, 2007 10:11 AM/EST
Ubuntu has a security alert out on its Thunderbird e-mail client, with a flaw that could allow an attacker to take over a vulnerable PC. Versions 5.10, 6.06 LTS and 6.10 are affected and can be fixed by upgrading to...
Read more... | |
del.icio.us |
digg.com | View all of
Flaws
Saturday, March 03, 2007 7:41 PM/EST
Users who have downloaded the 2.1.1 version of the open-source blogging platform WordPress should upgrade all files to 2.1.2 immediately, since they could include a security bug injected by a cracker who gained user-level access to one of the servers...
Read more... | |
del.icio.us |
digg.com | View all of
Exploits and Attacks
Monday, February 26, 2007 9:04 AM/EST
After a flurry of "yes it's fixed" and "oh no it's not" between bug researchers over the weekend, the verdict is that Firefox 2.0.0.2 did indeed fix the memory corruption flaw found by Polish hacker Michal Zalewski on Feb. 23....
Read more... | |
del.icio.us |
digg.com | View all of
Flaws
Friday, February 23, 2007 4:48 PM/EST
The most critical flaw in Firefox hasn't been addressed in the update released today. Mozilla's out with Firefox updates and is urging that customers upgrade immediately to fix critical security holes and stability issues. Issued today were Firefox 1.5.0.10, Firefox...
Read more... | |
del.icio.us |
digg.com | View all of
Open Source
