Second critical mremap() bug found in all Linux kernels

Grok Headline matches for Second critical mremap() bug found in all Linux kernels

Re: Second critical mremap() bug found
in all Linux kernels

Re: Second critical mremap() bug found
in all Linux kernels 02/18/2004 01:32 PM
Steve Bremer (Feb 18 2004)

Linux mremap bug correction

Linux mremap bug correction 01/06/2004 01:03 PM
Paul Starzetz (Jan 06 2004)

Linux kernel mremap() bug update

Linux kernel mremap() bug update 01/16/2004 10:59 AM
Paul Starzetz (Jan 15 2004)

Re: Linux kernel mremap vulnerability

Re: Linux kernel mremap vulnerability 01/05/2004 02:50 PM
Paul Starzetz (Jan 05 2004)

Linux kernel mremap vulnerability

Linux kernel mremap vulnerability 01/05/2004 02:50 PM
Paul Starzetz (Jan 05 2004)

Critical Exploit Found in AIM

Critical Exploit Found in AIM 08/10/2004 04:58 AM

Two Critical Bugs found in IE

Two Critical Bugs found in IE 06/08/2004 05:14 PM

"4 more critical exploits are found in
IE"

"4 more critical exploits are found in
IE" 07/14/2004 03:29 AM

Another critical Windows vulnerability
found

Another critical Windows vulnerability
found 03/21/2003 01:36 PM
Another critical Windows vulnerability found

track this site | 3 links

Critical Flaw Found in Windows XP SP2

Critical Flaw Found in Windows XP SP2 08/21/2004 04:31 PM
Security firm Secunia has detailed a new flaw in Internet Explorer that affects users running Windows XP Service Pack 2. The vulnerability involves drag-and-drop, which can be used within a Web page to place a malicious program in the Windows startup folder.

Secunia has branded the issue "highly critical" and says it comes from "insufficient validation of drag and drop events issued from the 'Internet' zone." Users are advised to disable Active Scripting, or use a Web browser other than Internet Explorer.

The security researcher who discovered the flaw has posted proof-of-conccept code, which involves dragging an image across a Web page. But Secunia says it could be simplified to require just one mouse click. Microsoft, however, brushed off concerns over the potential issue. "Given the significant amount of user action required to execute an attack, Microsoft does not consider this to be a high risk for customers," the company said.

View: Full Story
News source: BetaNews

Read full story...

Critical Oracle flaw found

Critical Oracle flaw found 12/11/2003 09:38 AM
Personal Computer World Dec 11 2003 9:10AM ET

Critical Flaws Found In Mozilla Products

Critical Flaws Found In Mozilla Products 09/15/2004 03:45 PM
After releasing their much awaited preview release of Firefox 1.0, the Mozilla Foundation has issued a warning about seven critical security issues with three of its flagship products.

Any product versions prior to Mozilla 1.7.3, Firefox 1.0PR and Thunderbird 0.8 are considered vulnerable. Mozilla recommends that all users upgrade their affected software to prevent exploitation of their systems.

All current releases of mentioned software are considered "patched" against these new found vulnerabilities. Users of affected software should download the most recent version of their products as soon as possible to ensure their continued safe functionality.


View: Mozilla Foundation
View: Neowin Forum Discussion
News source: Internetnews.com

Read full story...

Critical flaw found in Unreal engine

Critical flaw found in Unreal engine 06/23/2004 12:39 PM
globetechnology.com Jun 23 2004 5:05PM GMT

Critical flaw found in game software

Critical flaw found in game software 06/22/2004 08:37 PM
A hole in the "Unreal" game engine could let attackers take over vulnerable computers.

Critical Security Flaw Found in Unreal
Engine

Critical Security Flaw Found in Unreal
Engine 06/23/2004 04:45 AM

Highly critical exploit found in AOL
Instant Messenger

Highly critical exploit found in AOL
Instant Messenger 08/09/2004 01:28 PM
Ryan McGeehan of TheBillyGoatCurse.com has reported a vulnerability in AOL Instant Messenger (AIM), which potentially can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to a boundary error within the handling of "Away" messages and can be exploited to cause a stack-based buffer overflow by supplying an overly long "Away" message (about 1024 bytes). A malicious website can exploit this via the "aim:" URI handler by passing an overly long argument to the "goaway?message" parameter.

Successful exploitation may allow execution of arbitrary code on a user's system when e.g. a malicious website is visited with certain browsers.

The vulnerability has been confirmed in version 5.5.3595. Other versions may also be affected.

Various other issues were also reported, where a large amount of resources can be consumed on a user's system.

AOL was contacted but has not responded.

News source: Secunia

Read full story...

Future of 2.4 and 2.6 Kernels

Future of 2.4 and 2.6 Kernels 12/06/2003 03:23 PM
Blair16 writes "According to this article on C|Net, not everybody is chomping at the bit for the new Linux 2.6.0 kernel. Marcelo Tosatti, the appointed deputy ...

Novell OES: A tale of two kernels

Novell OES: A tale of two kernels 02/01/2005 08:19 PM
I got to sit down last week with Charlie Ungashick, Novell's director of product management and marketing, Linux servers and desktops. (Charlie hands out two business cards: one for his title, one for everything else!) We talked about - what else - Novell's upcoming Open Enterprise Server.

Linux Goes Mainstream, But Not
Mission-Critical

Linux Goes Mainstream, But Not
Mission-Critical 03/31/2005 09:04 AM
Extreme Tech Mar 31 2005 1:16PM GMT

Linux goes mission-critical for Danish
government

Linux goes mission-critical for Danish
government 09/23/2004 11:51 PM

New Linux Security Hole Found

New Linux Security Hole Found 06/14/2004 07:31 PM
A young programmer found a new way to crash most Linux 2.4 or 2.6 distributions running on an x86 architecture, but a fix is being distributed.

Fault found at Linux core

Fault found at Linux core 12/05/2003 09:01 AM
Personal Computer World Dec 5 2003 8:41AM ET

New flaw found in Linux kernel

New flaw found in Linux kernel 06/15/2004 09:05 PM

Serious Linux Security Flaw Found

Serious Linux Security Flaw Found 12/02/2003 02:35 PM
The bug affects versions of the Linux kernel prior to 2.4.23, and was the method used during a recent attack on Debian's servers, according to the advisory. In that attack four Linux servers that hosted Debian's bug tracking system, mailing lists, and various Web pages were compromised.

Security hole found in Linux

Security hole found in Linux 03/19/2003 10:26 PM

Another security hole found in Linux
kernel

Another security hole found in Linux
kernel 02/19/2004 11:38 AM

New Linux Security Hole Found (Ziff
Davis)

New Linux Security Hole Found (Ziff
Davis) 06/14/2004 07:35 PM
Ziff Davis - A young programmer found a new way to crash most Linux 2.4 or 2.6 distributions running on an x86 architecture, but a fix is being distributed.

Nasty Linux kernel crash exploit found

Nasty Linux kernel crash exploit found 06/14/2004 10:48 PM
Versions 2.4.x and 2.6.x of the Linux kernel running on x86 systems are vulnerable to a simple, yet nasty bit of C code that will hard lock the kernel. The kicker is that anyone with shell access can execute the code and bring down the system.

Flaw found in Unix/Linux admin tool

Flaw found in Unix/Linux admin tool 09/20/2004 09:17 PM
Computer Weekly Sep 21 2004 1:19AM GMT

Critical Path in critical condition

Critical Path in critical condition 12/25/2003 09:17 AM
CNET Dec 25 2003 9:16AM ET

Keeping Found Things Found: Web Tools
Don't Always Mesh With How People Work

Keeping Found Things Found: Web Tools
Don't Always Mesh With How People Work 12/18/2003 06:55 AM
Keeping Found Things Found: Web Tools Don't Always Mesh With How People Work
http://www.nsf .gov/pubsys/ods/getpub.cfm?pr03146

Of all the personal computers to be unwrapped during the holiday season, more than 80 percent will be used to go online and search the Web's more than 92 million gigabytes of data (comparable to a 2 billion-volume encyclopedia). Getting online is the easy part, finding a useful Web page is a bit harder—keeping track of a useful Web page is another issue altogether.

People have devised many tricks—such as sending e-mails to themselves or jotting on sticky notes—for keeping track of Web pages, but William Jones and Harry Bruce at the University of Washington's Information School and Susan Dumais of Microsoft Research have found that often people don't use any of them when it comes time to revisit a Web page. Instead, they rely on their ability to find the Web page all over again.

Keeping Found Things Found on the Web

Keeping Found Things Found on the Web 01/28/2004 08:56 AM
Keeping Found Things Found on the Web - A Research Project of the Information School at the University of Washington
http://kftf.isc hool.washington.edu/projKFTF.asp
http://kftf .ischool.washington.edu/publications.asp

The goal of this study is to understand better the ways in which people manage information for subsequent re-access and re-use. The study focuses on the management of information found on the Word Wide Web. Follow-on studies will look at similar problems and practices of personal information management for other information types including email and personal files (electronic and paper-based). The classic problem of information retrieval, simply put, is to help people find the relatively small number of things they are looking for (books, articles, web pages, CDs, etc.) from a very large set of possibilities. This classic problem has been studied in many variations and has been addressed through a rich diversity of information retrieval tools and techniques.

A follow-on problem also exists which has received relatively less study: Once found, how are things organized for re-access and re-use later on? What can be done to avoid the need to repeat the entire search process? We refer to this as the problem of Keeping Found Things Found. The current study addresses this problem in the context of World Wide Web use. The study focuses on use of the Web by managers, researchers, librarians and other information specialists. But it is expected that the results of the study will be relevant to most users of the Web.

"critical pick-up"

"critical pick-up" 06/02/2004 11:21 PM

Critical credo

Critical credo 12/19/2004 03:23 PM
I've been enjoying reading music critic Alex Ross's blog over at "The Rest is Noise" for some time now. This thoughtful comment on the role of the critic caught my eye -- it pretty well sums up what I aspired to in the many years I devoted to writing about theater and movies:

"As a critic, I'm obliged to describe musical reality precisely as I hear it; I can't sway in the breeze of intermission chatter. All the same, I want to write a review that will be of use even to a listener who had an entirely different experience. This entails writing with a certain humble awareness that my experience is not universal, that my account will never be carved in granite. Criticism is at its best where confidence meets generosity. It's a tricky business: the slide into fake omniscience is deliciously quick. But I'm working on it."

MS patch day: nothing critical

MS patch day: nothing critical 05/12/2004 07:09 AM
Solitary fix. Stay calm

Funny and critical.

Funny and critical. 07/19/2004 09:55 AM
Joel gets read a lot by us techies. In part because he's insightful and writes well, in part due to his particular pedigree, and in part because he delights in tweaking us in our soft, contentious places. In the set of blogs that I self-label as "experience talking to us", I've been reading Joel and have now included the excellent blog Rands In Repose. (Which, I think Ev has ...

Critical Understanding

Critical Understanding 09/09/2004 10:27 PM

An observation about critiquing work, if you'll indulge me...

Mission-critical

Mission-critical 05/21/2004 11:34 PM
Shark Tank: Programmer takes over the critical code for transmitting settlements on a major e-commerce network, and he keeps noticing one function in the link file output that doesn't seem to be called anywhere. ...

IT Doesn't Just Matter, It's Critical

IT Doesn't Just Matter, It's Critical 05/07/2004 04:14 PM
Following on the post we had yesterday about why Nicholas Carr is barking up the wrong tree with his thesis that IT doesn't matter, here's an article from Don Tapscott in CIO magazine taking apart Carr's ideas in detail. It's really an update to a previous talk Tapscott gave criticizing Carr's ideas, but it's well worth the read. He makes the argument that companies that buy into Carr's beliefs are effectively going to commit suicide, and supports my belief in "fleeting competitive advantages" rather than sustainable ones by saying: "The speed of the competition is accelerating and competitors are trying to catch up. This is the new normal. Companies need to be more agile. Get used to it!"
Grok Description matches for Second critical mremap() bug found in all Linux kernels
GrokA matches for Second critical mremap() bug found in all Linux kernels

Second critical mremap() bug found in all Linux kernels

The following phrases have been identified by the grok system as matching this entry: