November 2004 - Posts
I probably get asked this question every other day, "is there any security education available from Microsoft for my developers?" and the answer is, of course, yes. Here are my top picks: Course 2806 Microsoft Security Guidance Training for Developers
I just posted a new Code Secure article on MSDN about running as an admin, but executing browsers and email clients in lower privilege. http://msdn.microsoft.com/security/securecode/columns/default.aspx?pull=/library/en-us/dncode/html/secure11152004.as
If you use Samba 3.0.7 or prior (it appears 2.x is not vulnerable) you should read this: http://www.kb.cert.org/vuls/id/457622 . Here's a snippet: Vulnerability Note VU#457622 Samba QFILEPATHINFO handling routine contains a remotely exploitable buffer overflow
A colleague sent me a link to an interesting article that looks just like an integer overflow issue: http://www.palmbeachpost.com/politics/content/news/epaper/2004/11/05/a29a_BROWVOTE_1105.html Broward machines count backward By Eliot Kleinberg Palm Beach
A nasty set of security bug fixes by Mandrake in xorg-x11 had the funniest text I've seen in a security bulletin. Ever! I have highlighted the funny part in red. http://www.linuxsecurity.com/advisories/mandrake_advisory-5081.html Problem Description:
Wow, 9 years recommended for spamming! http://www.msnbc.msn.com/id/6401091/
Normally, most phishing attacks don't get past the spam filters, but this one did; not sure why... anyway, here it is, complete with an appropriate level of bad grammar! Oh, and the IP address points to China! Dear Customer: Recently there have been a
Weighing in at a hefty 3Mb and 109pp, the NSA has posted the "Apple Mac OS Security Configuration Guide." If you use Macs you should read this doc at http://www.nsa.gov/snac/os/applemac/osx_client_final_v.1.pdf This is goodness.
Following my previous post about the Apache 'fix', I was asked what code examples I had showing lousy instances of strncpy and strncat. <rant> Many developers think that because they are using a counted string copy function the code is safe from