FW: [security bulletin] SSRT4718 rev.0 HP Tru64 UNIX NTP Integer Overflow

Grok Headline matches for FW: [security bulletin] SSRT4718 rev.0 HP Tru64 UNIX NTP Integer Overflow

[security bulletin] SSRT4717 rev.0 HP
Tru64 UNIX SSL/TLS Potential Remote
Denial of Service (DoS)

[security bulletin] SSRT4717 rev.0 HP
Tru64 UNIX SSL/TLS Potential Remote
Denial of Service (DoS) 06/15/2004 01:41 PM
Boren, Rich (SSRT) (Jun 14 2004)

[security bulletin] SSRT4741 rev.0 DCE
for HP Tru64 UNIX Potential RPC Buffer
Overrun Attack

[security bulletin] SSRT4741 rev.0 DCE
for HP Tru64 UNIX Potential RPC Buffer
Overrun Attack 06/25/2004 11:55 AM
Boren, Rich (SSRT) (Jun 24 2004)

[Security Bulletin] SSRT4696 rev.0 - HP
Tru64 UNIX TCP Stack Remote Denial of
Service (DoS)

[Security Bulletin] SSRT4696 rev.0 - HP
Tru64 UNIX TCP Stack Remote Denial of
Service (DoS) 12/24/2004 12:36 PM
Boren, Rich (SSRT) (Dec 23 2004)

[Security Bulletin] SSRT4876 rev.0 HP
Tru64 UNIX SWS (Apache) Secure Web
Server Remote

[Security Bulletin] SSRT4876 rev.0 HP
Tru64 UNIX SWS (Apache) Secure Web
Server Remote 12/24/2004 12:36 PM
Boren, Rich (SSRT) (Dec 23 2004)

[security bulletin] SSRTSSRT4778 Rev.0
Mozilla Application Suite for HP Tru64
UNIX libpng Potential Overflows

[security bulletin] SSRTSSRT4778 Rev.0
Mozilla Application Suite for HP Tru64
UNIX libpng Potential Overflows 08/06/2004 03:14 PM
Boren, Rich (SSRT) (Aug 05 2004)

HP patches critical security holes in
Tru64 Unix

HP patches critical security holes in
Tru64 Unix 01/18/2004 11:32 PM
CNET Asia Jan 19 2004 3:48AM GMT

Re: iDEFENSE Security Advisory 12.21.04:
libtiff STRIPOFFSETS Integer Overflow
Vulnerability

Re: iDEFENSE Security Advisory 12.21.04:
libtiff STRIPOFFSETS Integer Overflow
Vulnerability 12/28/2004 03:27 PM
Marcus Meissner (Dec 27 2004)

iDEFENSE Security Advisory 12.21.04:
libtiff STRIPOFFSETS Integer Overflow
Vulnerability

iDEFENSE Security Advisory 12.21.04:
libtiff STRIPOFFSETS Integer Overflow
Vulnerability 12/22/2004 01:09 AM
customer service mailbox (Dec 21 2004)

Security Update: [CSSA-2003-013.0]
Linux: integer overflow vulnerability in
XDR/RPC routines

Security Update: [CSSA-2003-013.0]
Linux: integer overflow vulnerability in
XDR/RPC routines 03/20/2003 10:40 AM
security_at_sco.com (Mar 19 2003)

iDEFENSE Security Advisory 12.21.04:
libtiff Directory Entry Count Integer
Overflow Vulnerability

iDEFENSE Security Advisory 12.21.04:
libtiff Directory Entry Count Integer
Overflow Vulnerability 12/22/2004 01:09 AM
customer service mailbox (Dec 21 2004)

[security bulletin] SSRT3657 rev.3
HP-UX CDE libDtHelp buffer overflow

[security bulletin] SSRT3657 rev.3
HP-UX CDE libDtHelp buffer overflow 09/01/2004 03:03 PM
Boren, Rich (SSRT) (Aug 31 2004)

iDEFENSE Security Advisory 09.15.04: GNU
Radius SNMP String Length Integer
Overflow Denial of Service Vulnerability

iDEFENSE Security Advisory 09.15.04: GNU
Radius SNMP String Length Integer
Overflow Denial of Service Vulnerability 09/16/2004 05:38 AM
customer service mailbox (Sep 15 2004)

[Security Bulletin] SSRT4867 rev.0
Netscape Directory Server on HP-UX LDAP
remote buffer overflow

[Security Bulletin] SSRT4867 rev.0
Netscape Directory Server on HP-UX LDAP
remote buffer overflow 12/24/2004 12:36 PM
Boren, Rich (SSRT) (Dec 23 2004)

[security bulletin] SSRT4779 - rev.0
HP-UX Netscape NSS Library Suite SSLv2
remote buffer overflow

[security bulletin] SSRT4779 - rev.0
HP-UX Netscape NSS Library Suite SSLv2
remote buffer overflow 08/27/2004 01:32 PM
Boren, Rich (SSRT) (Aug 25 2004)

[security bulletin] SSRT4741 rev.1 DCE
for HP OpenVMS Potential RPC Buffer
Overflow Attack VU#259796, VU#568148,
VU#326746

[security bulletin] SSRT4741 rev.1 DCE
for HP OpenVMS Potential RPC Buffer
Overflow Attack VU#259796, VU#568148,
VU#326746 07/14/2004 01:42 PM
Boren, Rich (SSRT) (Jul 14 2004)

HP Patches Tru64 Unix Vulnerability

HP Patches Tru64 Unix Vulnerability 01/17/2004 10:53 PM
Hewlett-Packard recently discovered and patched a potential hole in its Tru64 Unix OS that could have provided unauthorized access or a denial-of-service attack.

HP Plugs 'Critical' Tru64 UNIX Flaws

HP Plugs 'Critical' Tru64 UNIX Flaws 03/06/2004 02:02 AM
A successful exploit could lead to remote system takeover.

RE: EEYE: XDR Integer Overflow

RE: EEYE: XDR Integer Overflow 03/19/2003 10:25 PM
Sinan Eren (Mar 19 2003)

EEYE: XDR Integer Overflow

EEYE: XDR Integer Overflow 03/19/2003 10:25 PM
Marc Maiffret (Mar 19 2003)

FishCart Integer Overflow / Rounding
Error

FishCart Integer Overflow / Rounding
Error 01/16/2004 10:59 AM
Michael Brennen (Jan 14 2004)

Linux Kernel i2c Integer Overflow
Vulnerability

Linux Kernel i2c Integer Overflow
Vulnerability 06/16/2004 07:32 PM
Shaun Colley (Jun 16 2004)

Linux Kernel sctp_setsockopt() Integer
Overflow

Linux Kernel sctp_setsockopt() Integer
Overflow 05/11/2004 06:04 PM
Shaun Colley (May 11 2004)

[Linux kernel ipv6_setsockopt integer
overflow]

[Linux kernel ipv6_setsockopt integer
overflow] 02/05/2005 09:38 PM
qobaiashi (Feb 03 2005)

[ GLSA 200412-13 ] Samba: Integer
overflow

[ GLSA 200412-13 ] Samba: Integer
overflow 12/19/2004 03:48 PM
Sune Kloppenborg Jeppesen (Dec 17 2004)

Microsoft HTML Help vulnerable to
integer overflow

Microsoft HTML Help vulnerable to
integer overflow 06/17/2005 03:39 PM
Addict3d.org Jun 16 2005 9:56PM GMT

Re: Linux Kernel sctp_setsockopt()
Integer Overflow

Re: Linux Kernel sctp_setsockopt()
Integer Overflow 05/15/2004 03:52 PM
Michael Tokarev (May 15 2004)

Re: [Linux kernel ipv6_setsockopt
integer overflow]

Re: [Linux kernel ipv6_setsockopt
integer overflow] 02/05/2005 09:38 PM
Dan Yefimov (Feb 03 2005)

Re: Linux Kernel i2c Integer Overflow
Vulnerability

Re: Linux Kernel i2c Integer Overflow
Vulnerability 06/17/2004 09:17 PM
Alexander Nyberg (Jun 16 2004)

Re: Microsoft Windows LoadImage API
Integer Buffer overflow

Re: Microsoft Windows LoadImage API
Integer Buffer overflow 12/25/2004 05:08 PM
Brett Glass (Dec 24 2004)

Linux kernel setsockopt MCAST_MSFILTER
integer overflow

Linux kernel setsockopt MCAST_MSFILTER
integer overflow 04/21/2004 03:42 AM
Wojciech Purczynski (Apr 20 2004)

Linux Broadcom 5820 Cryptonet Driver
Integer Overflow

Linux Broadcom 5820 Cryptonet Driver
Integer Overflow 06/23/2004 07:03 PM
infamous41md_at_hotpop.com (Jun 23 2004)

Linux Kernel IEEE 1394 Driver Integer
Overflow

Linux Kernel IEEE 1394 Driver Integer
Overflow 06/28/2004 04:49 PM
“infamous41md has reported some vulnerabilities in the Linux kernel, which potentially can be exploited by malicious, local users to cause a DoS (Denial of Service) or gain escalated privileges. Various functions in the IEEE 1394 driver contain integer overflows within the memory allocation scheme. This can potentially be exploited via specially crafted requests, which may cause a large amount of data to be copied into an insufficiently sized buffer.”

Re: [Full-Disclosure] Linux Kernel
sctp_setsockopt() Integer Overflow

Re: [Full-Disclosure] Linux Kernel
sctp_setsockopt() Integer Overflow 05/12/2004 12:51 PM
Tom Rini (May 11 2004)

Fwd: CERT Advisory CA-2003-10 Integer
overflow in Sun RPC XDR library routines

Fwd: CERT Advisory CA-2003-10 Integer
overflow in Sun RPC XDR library routines 03/20/2003 12:59 PM
Muhammad Faisal Rauf Danka (Mar 20 2003)

linux kernel IEEE1394(Firewire) driver
integer overflow vulnerabilities

linux kernel IEEE1394(Firewire) driver
integer overflow vulnerabilities 06/22/2004 05:11 PM
infamous41md_at_hotpop.com (Jun 22 2004)

MDKSA-2004:158 - Updated samba packages
fix integer overflow vulnerabilities

MDKSA-2004:158 - Updated samba packages
fix integer overflow vulnerabilities 12/28/2004 01:14 PM
Mandrake Linux Security Team (Dec 27 2004)

[cliph@isec.pl: Linux kernel setsockopt
MCAST_MSFILTER integer overflow]

[cliph@isec.pl: Linux kernel setsockopt
MCAST_MSFILTER integer overflow] 04/20/2004 06:18 PM
David Ahmad (Apr 20 2004)

SecurityTracker.com Archives - Microsoft
Internet Explorer Integer Overflow in
Processing Bitmap Files Lets Remote
Users Execute Arbitrary Code

SecurityTracker.com Archives - Microsoft
Internet Explorer Integer Overflow in
Processing Bitmap Files Lets Remote
Users Execute Arbitrary Code 02/16/2004 05:20 PM
Internet Explorer 5 exploit that has been released based on the Win2K code leak .. Security Tracker reporta el primer problema de seguridad .. exploit

securitytracker.com/alerts/2004/Feb/1009067.html
track this site | 4 links

Microsoft Security Bulletin MS03-048:
Cumulative Security Update for Internet
Explorer (824145)

Microsoft Security Bulletin MS03-048:
Cumulative Security Update for Internet
Explorer (824145) 11/13/2003 12:36 AM
This is a cumulative update that includes the functionality of all the previously-released updates for Internet Explorer 5.01, Internet Explorer 5.5, and Internet Explorer 6.0. Additionally, it eliminates the following five newly-discovered vulnerabilities.
Grok Description matches for FW: [security bulletin] SSRT4718 rev.0 HP Tru64 UNIX NTP Integer Overflow
GrokA matches for FW: [security bulletin] SSRT4718 rev.0 HP Tru64 UNIX NTP Integer Overflow

Sony to Shrink PlayStation 2 September
17 - 12:18 PM ET News in Brief | Sony
Computer Entertainment is set to

Sony to Shrink PlayStation 2 September
17 - 12:18 PM ET News in Brief | Sony
Computer Entertainment is set to 09/17/2004 12:34 PM
BetaNews Sep 17 2004 5:16PM GMT

Sony and MBNA Launch the SonyCard, the
Official Sony Credit Card in the
Republic Of Ireland

Sony and MBNA Launch the SonyCard, the
Official Sony Credit Card in the
Republic Of Ireland 07/15/2004 03:32 AM
Sony and MBNA Ireland today announces the launch of the SonyCard Credit Card (www.SonyCard.ie) in the Republic of Ireland. [PRWEB Jul 15, 2004]

Sony PSP Launch Photos from Sony Metreon
San Francisco

Sony PSP Launch Photos from Sony Metreon
San Francisco 03/26/2005 04:13 PM
Mobile Tech Review Mar 26 2005 6:33PM GMT

New Sony Cybershots, HP Photosmarts,
Including Sony T3 (Rawr!)

New Sony Cybershots, HP Photosmarts,
Including Sony T3 (Rawr!) 08/30/2004 09:56 AM

Gott im Himmel, ze cameras! There have been like two dozen new cameras announced in the last few weeks as various manufacturers start ramping up for Christmas, and Sony and HP are no exception. Among the new Sonys announced today are two pocket-sized beauties that I want right now: the T3, an update to the T1 and Japan-only T11, a 5.1-megapixel camera that is Sony's thinnest at less than three-quarters of an inch; and the DSC-L1, a candy bar 4.1-megapixel unit that is only 3.75-inches long. Just when I was ready to buy a new camera Sony has to muck it all up with at least two that really do it for me. Oh, and there's also the new DSC-V3, a 7-megapixel unit that looks mighty fine, as well.

The HPs, well, they are okay, but I'll be honest, they don't get me all riled up as much as the two featherweight cameras from Sony do. If they fixed the middling image quality of the T1 in the T3, that may be my next sidearm. Living Room has a bunch of the press releases, and I'll add to this post if any more info comes through during the day.

Read - Sony Cybershot T3 [LivingRoomAU]
Read - Sony Cybershot DSC-L1 [LivingRoomAU]
Read - Sony Cybershot DSC-V3 [LivingRoomAU]
Read - HP Photosmart R607 [LivingRoomAU]
Read - HP Photosmart M407 [LivingRoomAU]
Read - HP Photosmart M307 [LivingRoomAU]
Read - Sony Shows Off New Low-End Digicam [PCWorld (Yahoo)]

While Sony Tries To Become Apple,
Samsung Tries To Become Sony

While Sony Tries To Become Apple,
Samsung Tries To Become Sony 05/13/2004 03:41 AM
Has anyone noticed that it's becoming increasingly difficult to tell Samsung from Sony? It appears that almost everything Sony does, Samsung does as well. So, it's really no surprise that a little over a month after Sony announced plans to build out retail stores more for advertising than for sales, Samsung plans to do the same thing. Of course, while Sony says they're more interested in using the stores for advertising, Samsung has gone one step further. They believe so strongly that this "store" is just for advertising that they won't sell you anything at the store. It's for showcasing products only. Also, a random note in the article, but the same week that Sony and Nintendo announced their plans for their next generation handheld gaming devices, this article also mentions that Samsung is planning for its own N-Gage like phone/gaming device. Apparently, the dismal failure of the N-Gage isn't enough to scare them off.

Sony

Sony 05/11/2004 10:20 PM
"We will firewall Napster at source - we will block it at your cable company, we will block it at your phone company, we will block it at your [ISP]. We will firewall it at your PC." -- Sony

The next Sony?

The next Sony? 11/05/2003 01:24 PM
Samsung has big ambitions in consumer electronics, but first it must overhaul a brand better known for low-end microwaves. It's up to Eric Kim to make it happen.

First Sony 3G for UAE

First Sony 3G for UAE 08/03/2004 07:04 AM
AME Info Aug 3 2004 11:14AM GMT

Oh well - Sony does it again

Oh well - Sony does it again 05/11/2004 01:43 PM

Oh god - now I'm starting to fell sorry for them.

I wonder if they have a clue how much they're damaging their brand and rep?

Whatever happened to Joi talking some sense into them?

Sony Gets Stupider.

Unbelievably, Sony seems to be getting more clueless as time passes. Clueless about digital music. Clueless about consumer experience. Clueless about values. A week after launching the horrible Connect music service which seeks to turn the musty MiniDisc into the next iPod, Sony has released its first branded music portable, the Vaio Pocket VGF-AP1. 20 gigs, a nice screen which can display album art, and a touch-sensitive panel. All well and good. Except… this private-format little devil plays *only* ATRAC3 files— that’s Sony’s proprietary music-file format. You heard me. It doesn’t play MP3s. Using bundled software, you can convert MP3 to ATRAC3 for playback in the Vaio Pocket.

Please understand my vitriol toward Sony, and why I think the company’s music products are worthy of boycott. If it were a simple matter of Sony being clueless, we could merely laugh at it. The infuriating part is that Sony believes the consumer is clueless. Sony believes that we should forsake the de facto standard of music files (MP3), with its gargantuan installed footprint, in order to bless our lives with Sony’s format and Sony’s hardware. The arrogance is breathtaking and insulting. Even Apple, second-place winner of the Arrogance Prize, allows plain MP3s into the iPod.

Sony’s pathetic Connect service will be crushed by consumer indifference. The Vaio Pocket will be granulated by the erosive power of a smart marketplace. And, if there be a technology god, Sony will sink into the dinosauric quicksand, never to torment us with its foolishness again.

[The Digital Music Weblog]

TGS: More Sony PSP

TGS: More Sony PSP 09/24/2004 09:54 AM

There's a boatload more images from the Tokyo Game Show coming through (more than just that remote, I'm saying), although they're mostly just shots of the PSP. I thought this one was precious, though. No word if Sony plans to sell all PSPs with an attached girl on a chain.

Allegedly there are 44 PSPs available for play at TGS, and one thing the author of this article
pointed out is that the demonstration units were all playing games - there were no demo units playing video (unlike at E3).

Tokyo Game Show Pics (Japanese) [ImpressWatch]

Related
PSP Archives [Gizmodo]

Sony PSP at the AGC

Sony PSP at the AGC 09/09/2004 07:52 PM

Portable gaming nerds hungry for any scraps of information about Sony's upcoming PSP handheld might want to talk a look at ConsoleConspiracy, where they've cribbed some notes from today's "Programming the PSP" talk at the Austin Game Conference. Nothing particularly sticks out at the moment, although they do confirm that the 7.1 surround sound out thing was just a weird rumor. Oh, and the PSP will be able to hook directly to a PC via USB 2.0; that could have some interesting ramifications, if none other than convenience.

Read - AGC - Programming the PSP [ConsoleConspiracy]

Related
PSP Archive [Gizmodo]

Sony PSP PVR

Sony PSP PVR 03/27/2005 06:28 PM

Sony Z1

Sony Z1 03/13/2003 10:22 AM
Cool Centrino notebooks: Sony Z1, Sony U101, ThinkPad T40.

Sony Cybershot DSC-T33

Sony Cybershot DSC-T33 12/28/2004 11:13 AM

Sony has released a new sleeker version of the CyberShot DSC-T3, called the DSC-T33, in countries that aren't Japan or the United States. Much like the DSC-T11 was the slimmer counterpart to the DSC-T1, the new camera isn't fundamentally different internally than its predecessor—the difference is just the casing. I have no idea why the camera might be available in Korea, for instance, but not other countries, but I'm sure that demand for a svelte, blue camera will encourage someone to start importing it into the US.

Whether a Japanese importer will ship a Japanese product from Korea to sell again in Japan is something I can't speculate on.

Sony Cyber-shot DSC-T33 Digital Camera [I4U]

Sony in talks with Chi Mei

Sony in talks with Chi Mei 01/05/2005 02:03 PM
globetechnology.com Jan 5 2005 5:18PM GMT

Sony Says in 20-Day Talks to Buy MGM

Sony Says in 20-Day Talks to Buy MGM 05/19/2004 07:18 AM
Boston Globe May 19 2004 11:46AM GMT

Sony names new CEO

Sony names new CEO 03/14/2005 04:52 PM
Sony has hired its first non-Japanese CEO. Can the head of Sony America revitalize the company's fortunes?

Sony PC doubles as TV

Sony PC doubles as TV 01/06/2005 05:50 PM
Latest Vaio desktop line includes PC that lets users watch their favorite TV show and send e-mail on the same box.

Three new Clies from Sony

Three new Clies from Sony 02/10/2004 02:52 PM
No surprise here, but today Sony unveiled three new Clie handhelds, the TJ27, the TH55, and the TJ37. Read...

New Sony Playstation on its way!

New Sony Playstation on its way! 07/13/2004 03:15 AM
iafrica.com Jul 13 2004 7:35AM GMT

Report: Sony PSP

Report: Sony PSP 03/29/2005 12:04 PM
PSPWare recommendations, ffmpeg, impressions and comparisons

Sony is told to pay up

Sony is told to pay up 03/28/2005 11:33 PM
International Herald Tribune Mar 29 2005 3:58AM GMT

Handing It to Sony

Handing It to Sony 03/28/2005 10:35 AM
The new PSP aims to put Sony in the heart of the handheld gaming market.

At last, a Sony counterattack

At last, a Sony counterattack 07/05/2004 07:32 AM
San Jose Mercury News Jul 5 2004 12:01PM GMT

Eight new Hi-MD players from Sony

Eight new Hi-MD players from Sony 01/28/2004 12:28 PM
We know it's hard to get that excited about Mini Disc players, I4U says that there are nine devices coming out that will support...

New Sony Bluetooth GPS GU-BT1

New Sony Bluetooth GPS GU-BT1 06/01/2004 02:24 AM
I4U Jun 1 2004 6:47AM GMT

Sony PSP released in U.S.

Sony PSP released in U.S. 03/24/2005 02:51 PM
Sony today officially launched its PlayStation Portable (PSP) in the U.S...

Sony PSP vs. Nintendo DS

Sony PSP vs. Nintendo DS 04/04/2005 08:45 AM

Sony Qualia 007

Sony Qualia 007 03/19/2005 02:45 AM

The (extremely) high-end Qualia 007 Super Audio CD Player (first shown at CES) is a designer's wet dream come true. Place a CD pretty much any where in the loading area and three pistons raise it up in the air, centering the disc as they go. The laser is held in a fork that slides out and grabs the disc. Pretty show aside, the 007 outputs sound in digital format through its 32-bit S-Master dual-channel to two custom-built speakers made from Japanese Maple for a full, rich sound that that can fill (or overpower) a party full of drinking tech journalists. The system launches next month with a price tag of $12,500.

Sony, Ken Jennings, and me

Sony, Ken Jennings, and me 12/26/2004 07:03 PM

Things may be a little quieter around here in the short term as I deal with some stuff going on in the real world. One of the reasons for the silence is that my legal difficulti es with Sony about the whole Ken Jennings thing have yet to be resolved. I can't say too much about it (soon perhaps), but it sure has had a chilling effect on my enthusiasm for continuing to maintain kottke.org. As an individual weblogger with relatively limited financial and legal resources, I worry about whether I can continue to post things (legal or not) that may upset large companies and result in lawsuits that they can afford and I cannot. The NY Times can risk upsetting large companies in the course of their journalistic duties because they are a large company themselves, they know their rights, and they have a dedicated legal team to deal with stuff like this. In the current legal climate, it may be that the whole "are blogs journalism?" debate is moot until bloggers have access to a level of legal resources similar to what large companies have. I'm certainly thinking very seriously about whether I can keep this site going in this kind of environment.

Update: Thanks for all the support everyone...I've gotten many nice emails and various offers of assistance. Several people have asked if they can help monetarily, which I very much appreciate, but the process is not quite to that point yet (and might never reach it) and I don't want to be responsible for refunds or anything like that. But again, I appreciate the support.

FW: [security bulletin] SSRT4718 rev.0 HP Tru64 UNIX NTP Integer Overflow

The following phrases have been identified by the grok system as matching this entry: sony 55" ssrt