TCP/IP Protocol Stack Zero Window Size Remote Denial Of Service Vulnerability

      Bugtraq ID:  31545  
      Class:  Unknown  
      CVE:  CVE-2008-4609
      KB967723
     
      Remote:  Yes  
      Local:  No  
      Published:  Oct 02 2008 12:00AM  
      Updated:  Sep 08 2009 06:01PM  
      Credit:  Robert E. Lee and Jack C. Lewis  

Not Vulnerable:  http://www.securityfocus.com/bid/31545

-- 
"If U know neither the enemy nor yourself,U will succumb in every battle" 
0
parad0X
9/8/2009 6:43:39 PM
grc.security.software 15003 articles. 0 followers. Follow

9 Replies
831 Views

Similar Articles

[PageSpeed] 47

==> Hmm, XP not listed as vulnerable.

-- 
PhilGreg
pgregory@fairepointe.net


"parad0X" <parad0X@lupa.cc> wrote in message 
news:h868lj$8g3$1@news.grc.com...
>      Bugtraq ID:  31545  Class:  Unknown  CVE: 
> CVE-2008-4609
>      KB967723
>     Remote:  Yes  Local:  No  Published:  Oct 02 2008 
> 12:00AM  Updated:  Sep 08 2009 06:01PM  Credit:  Robert E. 
> Lee and Jack C. Lewis
> Not Vulnerable:  http://www.securityfocus.com/bid/31545
>
> -- 
> "If U know neither the enemy nor yourself,U will succumb 
> in every battle" 


0
PhilGreg
9/9/2009 12:52:11 PM
"PhilGreg" <pgregory@fairepointe.net> wrote in message 
news:h89ii5$37q$1@news.grc.com...

> ==> Hmm, XP not listed as vulnerable.

Uhm, read it again near the top of the list to the right..
"Vulnerable"..

Microsoft Windows XP Tablet PC Edition SP3
Microsoft Windows XP Tablet PC Edition SP2
Microsoft Windows XP Professional x64 Edition SP2
Microsoft Windows XP Professional SP3
Microsoft Windows XP Professional SP2
Microsoft Windows XP Media Center Edition SP3
Microsoft Windows XP Media Center Edition SP2
Microsoft Windows XP Home SP3
Microsoft Windows XP Home SP2
(well..pretty well everything Windows except maybe
those not listed are too long out of warranty)

Now go get your patch/bandaid/update. ;)

'Seek and ye shall find'
NT Canuck


0
NT
9/10/2009 4:57:50 AM
"PhilGreg" <pgregory@fairepointe.net> wrote in message
news:h89ii5$37q$1@news.grc.com...

> ==> Hmm, XP not listed as vulnerable.

Uhm, read it again near the top of the list to the left..
"Vulnerable"..

Microsoft Windows XP Tablet PC Edition SP3
Microsoft Windows XP Tablet PC Edition SP2
Microsoft Windows XP Professional x64 Edition SP2
Microsoft Windows XP Professional SP3
Microsoft Windows XP Professional SP2
Microsoft Windows XP Media Center Edition SP3
Microsoft Windows XP Media Center Edition SP2
Microsoft Windows XP Home SP3
Microsoft Windows XP Home SP2
(well..pretty well everything Windows except maybe
those not listed are too long out of warranty)

Now go get your patch/bandaid/update. ;)

'Seek and ye shall find'
NT Canuck


0
NT
9/10/2009 4:59:39 AM
>       Bugtraq ID:  31545
>       Class:  Unknown
>       CVE:  CVE-2008-4609
>       KB967723

>       Remote:  Yes
>       Local:  No
>       Published:  Oct 02 2008 12:00AM
>       Updated:  Sep 08 2009 06:01PM
>       Credit:  Robert E. Lee and Jack C. Lewis

> Not Vulnerable:  http://www.securityfocus.com/bid/31545

http://www.netasq.com/en/threats/sockstress.php



0
ObiWan
9/10/2009 10:36:54 AM
"NT Canuck" <remove_ntcanuck@hotmail.com> wrote in message 
news:h8a113$f3u$1@news.grc.com...
> "PhilGreg" <pgregory@fairepointe.net> wrote in message
> news:h89ii5$37q$1@news.grc.com...
>
>> ==> Hmm, XP not listed as vulnerable.
>
> Uhm, read it again near the top of the list to the right..
> "Vulnerable"..
[snip]

Hmm again. The list is different today and it does list XP. 
It's in the middle of the page ( using FF) and yesterday I 
scrolled through the list twice to make sure.

Must be getting old :-(


-- 
PhilGreg
pgregory@fairepointe.net



0
PhilGreg
9/10/2009 8:54:49 PM
PhilGreg wrote:
> "NT Canuck" <remove_ntcanuck@hotmail.com> wrote in message 
> news:h8a113$f3u$1@news.grc.com...
>> "PhilGreg" <pgregory@fairepointe.net> wrote in message
>> news:h89ii5$37q$1@news.grc.com...
>>
>>> ==> Hmm, XP not listed as vulnerable.
>> Uhm, read it again near the top of the list to the right..
>> "Vulnerable"..
> [snip]
> 
> Hmm again. The list is different today and it does list XP. 
> It's in the middle of the page ( using FF) and yesterday I 
> scrolled through the list twice to make sure.
> 
> Must be getting old :-(

You're not alone in that :-( but it may not be the issue at hand.

MS's own KB about this explicitly said XP was not vulnerable (well, it 
did yesterday, anyway) and more to the point MS did not release an XP 
version of yesterday's patch.  (Or I haven't looked hard enough). 
Windows Update, which I run manually, did not include the patch for 
this, on my XP system.

The MS KB article was difficult to interpret, but I got the feeling the 
reason they excluded XP was that they think their firewall successfully 
defeats exploits, but not that they think their TCP isn't broken.  Fuzzy 
writing probably masking faulty reasoning.  I sure hope they change 
their mind and cover their XP users with the patch.

--FM /)`
0
FM
9/10/2009 10:33:08 PM
FM wrote:
> PhilGreg wrote:
>> "NT Canuck" <remove_ntcanuck@hotmail.com> wrote in message 
>> news:h8a113$f3u$1@news.grc.com...
>>> "PhilGreg" <pgregory@fairepointe.net> wrote in message
>>> news:h89ii5$37q$1@news.grc.com...
>>>
>>>> ==> Hmm, XP not listed as vulnerable.
>>> Uhm, read it again near the top of the list to the right..
>>> "Vulnerable"..
>> [snip]
>>
>> Hmm again. The list is different today and it does list XP. It's in 
>> the middle of the page ( using FF) and yesterday I scrolled through 
>> the list twice to make sure.
>>
>> Must be getting old :-(

> You're not alone in that :-( but it may not be the issue at hand.
> 
> MS's own KB about this explicitly said XP was not vulnerable (well, it 
> did yesterday, anyway) and more to the point MS did not release an XP 
> version of yesterday's patch.  (Or I haven't looked hard enough). 
> Windows Update, which I run manually, did not include the patch for 
> this, on my XP system.
> 
> The MS KB article was difficult to interpret, but I got the feeling the 
> reason they excluded XP was that they think their firewall successfully 
> defeats exploits, but not that they think their TCP isn't broken.  Fuzzy 
> writing probably masking faulty reasoning.  I sure hope they change 
> their mind and cover their XP users with the patch.
> 
> --FM /)`

Hmph.  Post first, research later, bad methodology.  Bad FM.

So MS'S Security Bulletin MS09-048 underwent an update Sept. 10, and XP 
is now listed as vulnerable, albeit the "aggregate severity rating" for 
XP is "low" - and there remains no patch available.

On a side note, it seems we-all had better keep an on-going eye on these 
TCP suite of patches:  according to KB967723, there are "known issues" 
with this update on some Windows versions (this KB was updated Sept. 10 
as well, although I'm not sure the issues are what changed).

--FM /)`
0
FM
9/10/2009 11:18:09 PM
"NT Canuck" <remove_ntcanuck@hotmail.com> wrote in message 
news:h8a14a$f4u$1@news.grc.com...
> "PhilGreg" <pgregory@fairepointe.net> wrote in message
> news:h89ii5$37q$1@news.grc.com...
>
>> ==> Hmm, XP not listed as vulnerable.
>
> Uhm, read it again near the top of the list to the left..
> "Vulnerable"..

> [snip]
> Microsoft Windows XP Professional SP2
[snip]
>> (well..pretty well everything Windows except maybe
> those not listed are too long out of warranty)
>
> Now go get your patch/bandaid/update. ;)

==> Did it last nite :-)

-- 
PhilGreg
pgregory@fairepointe.net 


0
PhilGreg
9/11/2009 2:04:49 AM
"FM" <invalid@invalid.invalid> wrote in message 
news:h8c1g5$291k$1@news.grc.com...
[snip]

> On a side note, it seems we-all had better keep an 
> on-going eye on these TCP suite of patches:  according to 
> KB967723, there are "known issues" with this update on 
> some Windows versions (this KB was updated Sept. 10 as 
> well, although I'm not sure the issues are what changed).

==> I don't have enough eyes. There's too much 'ongoing' <g>

-- 
PhilGreg
pgregory@fairepointe.net


0
PhilGreg
9/11/2009 4:16:22 AM
Reply:

Similar Artilces:

Microsoft Windows TCP/IP ICMP Remote Denial Of Service Vulnerability
Bugtraq ID: 27139 Class: Input Validation Error CVE: CVE-2007-0066 Remote: Yes Local: No Published: Jan 08 2008 12:00AM Updated: Jan 08 2008 12:00AM Credit: The vendor credits Alex Wheeler and Ryan Smith of IBM Security Systems X-Force for reporting this issue. Vulnerable: Microsoft Windows XP Tablet PC Edition SP2 Microsoft Windows XP Tablet PC Edition SP1 Microsoft Windows XP Tablet PC Edition Microsoft Windows XP Professional x64 Edition SP2 Microsoft Windows XP Professional x64 Edition ...

Microsoft Windows TCP/IP Protocol Driver Remote Buffer Overflow Vulnerability
Bugtraq ID: 18374 Class: Boundary Condition Error CVE: CVE-2006-2379 Remote: Yes Local: No Published: Jun 13 2006 12:00AM Updated: Jul 01 2006 04:14PM Credit: Minaev Andrey discovered this issue. Vulnerable: Microsoft Windows XP Tablet PC Edition SP2 Microsoft Windows XP Tablet PC Edition SP1 Microsoft Windows XP Tablet PC Edition Microsoft Windows XP Professional x64 Edition Microsoft Windows XP Professional SP2 Microsoft Windows XP Professional SP1 Microsoft Windows XP Professional Microsoft Windows XP Media Center Edition SP2 Microsoft Windows XP Media Center Edition SP1 Microsoft Windows XP Media Center Edition Microsoft Windows XP Home SP2 Microsoft Windows XP Home SP1 Microsoft Windows XP Home Microsoft Windows Server 2003 Web Edition SP1 Microsoft Windows Server 2003 Web Edition Microsoft Windows Server 2003 Standard x64 Edition Microsoft Windows Server 2003 Standard Edition SP1 Microsoft Windows Server 2003 Standard Edition Microsoft Windows Server 2003 Enterprise x64 Edition Microsoft Windows Server 2003 Enterprise Edition 64-bit SP1 Microsoft Windows Server 2003 Enterprise Edition 64-bit Microsoft Windows Server 2003 Enterprise Edition SP1 Microsoft Windows Server 2003 Enterprise Edition Microsoft Windows Server 2003 Datacenter x64 Edition Microsoft Windows Server 2003 Datacenter Edition 64-bit SP1 Microsoft Windows Server 2003 Datacenter Edition 64-bit Microsoft Windows Server 2003 Datacenter Edition SP1 Microsoft Windo...

Snort TCP/IP Options Denial of Service Vulnerability
SECUNIA ADVISORY ID: SA13664 VERIFY ADVISORY: http://secunia.com/advisories/13664/ CRITICAL: Moderately critical IMPACT: DoS WHERE: From remote SOFTWARE: Snort 2.2.x http://secunia.com/product/3954/ DESCRIPTION: Marcin Zgorecki has reported a vulnerability in Snort, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error in the printing of TCP/IP options. This can be exploited to cause an unspecified DoS by sending a specially crafted packet. Successful exploitation requires that snort is conf...

Microsoft Windows Large Image Processing Remote Denial Of Service Vulnerability
bugtraq id 10913 object class Failure to Handle Exceptional Conditions cve CVE-MAP-NOMATCH remote Yes local No published Aug 10, 2004 updated Apr 11, 2005 vulnerable ATI Mobility Radeon 7500 Driver Intel Graphics Driver Matrox G400 Driver 5.82.18 .0 Microsoft Windows 2000 Advanced Server SP4 Microsoft Windows 2000 Advanced Server SP3 Microsoft Windows 2000 Advanced Server SP2 Microsoft Windows 2000 Advanced Server SP1 Microsoft Windows 2000 Advanced Server Microsoft Windows 2000 Datacenter Server SP4 Microsoft Windows 2000 Datacenter Server SP3 Microsoft Windows 2000 Datace...

Alert: Microsoft Security Bulletin MS04-042
Reposted from NTBugtraq: <quote> Microsoft Security Bulletin MS04-042: Vulnerability in DHCP Could Allow Remote Code Execution and Denial of Service (885249) Bulletin URL: <http://www.microsoft.com/technet/security/bulletin/MS04-042.mspx> Version Number: 1.0 Issued Date: Tuesday, December 14, 2004 Impact of Vulnerability: Remote Code Execution Maximum Severity Rating: Important Patch(es) Replaced: None Caveats: None Tested Software: Affected Software: ------------------ * Microsoft Windows NT Server 4.0 Service Pack 6a <http://tinyurl.com/45tvp> * Mi...

"Denial of Service Vulnerability in Windows 2000 RunAs Service"
http://www.camisade.com/research/reports/radix1112200103.html ...

TCP Receive window size is zero
I have an application which has 6 TIdTCPClients not all of which are always connected. Each second 96000 application packets of length 576 are sent (55 MBytes) per channel. I have intermittent failures which I do not understand. Sometimes things run properly with all channels. Other times it fails with only one (or more) channels. Using Wireshark, I can tell the failures occur because the TCP receive window drops to zero. This happens even though the packets are being properly ACKed. I thought if t he packet got ACKed, the receive window would not decrease. Task manager shows the CPU ...

Replacement TCP/IP stack for Windows?
Are there any replacement TCP/IP stacks out there to use with Windows? I have a machine that has gone belly up with TCP/IP and nothing will get it to work. I'd prefer not to have to rebuild the machine so I am hoping to find a different stack/protocol/driver that I can use to get it working. Thanks. Michael Hi, Mike - What makes you think trading one stack for another will fix the problem? Wouldn't you be better off by properly diagnosing the root issue at hand, THEN taking appropriate action? Is this system certifiably clean of virii and other malware? ...

adding tcp/ip protocol stack
I've got an E1000E card in my NW5.1 server that has ethernet II & 802.2 on it currently. Can I load & bind TCP/IP to that board on the fly? I tried using NWconfig, but it creates an E1000E-2 driver so I'm thinking I'll need to load & bind at the server console. If that's the case, can someone refresh my memory on the syntax for those statements as far as where the IP addr & subnet goes? (I'm embarrassed to admit, I've never loaded a TCP/IP stack on a server.) Thanks! Craig -- new_wave1229 ------------------------------------------------...

IPv6 vulnerable to remote denial-of-service attacks
Independent security researcher Georgi Guninski has discovered a security vulnerability in the OpenBSD implementation (OpenBSD 3.4) of Internet Protocol version 6 (IPv6) that could allow an attacker to cause a denial of service. Machines are vulnerable when they are configured to receive ICMPv6 (Internet Control Message Protocol) and are listening on a TCP port. "A remote attacker can take advantage of this by setting a small IPv6 MTU (Maximum Transmission Unit) and then connecting to an open TCP port." Upgrades are available to resolve the problem. IPv6, the successor to IPv4...

Mozilla Messenger Remote Denial Of Service Vulnerability
Mozilla Messenger has been reported prone to a remote denial of service vulnerability. The issue is reported to present itself when a NULL is encountered in the message body of an e-mail. It is reported that when the vulnerable software encounters a malicious e-mail as described above, the GUI will cease to respond properly. A remote attacker may potentially exploit this condition to deny service to Mozilla Messenger users. http://www.securityfocus.com/bid/10145/discussion/ -- Donna, Track or post software updates at http://www.dozleng.com/updates/index.php?act=calen...

TCP Window size going to zero is bad right? :)
I've been dealing with a frustrating problem on a NW 6.5 SP8 server with zen 7sp1hp4ir4wtf1 the last few weeks. It took a bit to get to the point of taking a packet trace but I finally got around to doing that. Symptoms have been zenworks agents puking all over either not going online, or taking forever to refresh, and other misc login errors. I've already loaded up a new Netware 6.5 and Zen to take over for it, as I've hit my frustration level with this box. Anyway, what's happening is that that I'm seeing the tcp window size drop to 0 frequently. The s...

Internet Explorer Remote IFRAME Denial Of Service Vulnerability
A denial of service vulnerability has been reported to affect Internet Explorer. The issue is reported to present itself when Internet Explorer attempts to render IFRAME HTML tags that contain an invalid source argument. A remote attacker may exploit this vulnerability to cause the running instance of Internet Explorer to crash. Vulnerable : Microsoft Internet Explorer 6.0 SP1 Microsoft Internet Explorer 6.0 http://www.securityfocus.com/bid/10073/discussion/ -- Donna, Track or post software updates at http://www.dozleng.com/updates/index.php?act=calendar ...

Vulnerability in SUN's TCP/IP stack
Sun Microsystems has issued an advisory describing a vulnerability in the TCP/IP implementation in Solaris. The flaw allows attackers to bypass the security policies set by a firewall or even to cause a kernel panic by sending specially crafted packets to a vulnerable system. The vendor has released no further details about the nature of the problem, but it seems that it is caused by an error in the reassembly of fragmented packets. According to Sun, the affected versions are Solaris 8, 9 and 10 on SPARC and x86 platforms. Patches have been released to solve the problem. Alter...

Adobe Acrobat Stack Exhaustion Denial of Service Vulnerability
Bugtraq ID: 35148 Class: Boundary Condition Error CVE: Remote: Yes Local: No Published: May 29 2009 12:00AM Updated: May 29 2009 10:59PM Credit: Saint Patrick Vulnerable: Adobe Acrobat Reader 9.1.1 Adobe Acrobat 9.1.1 Not Vulnerable: http://www.securityfocus.com/bid/35148 -- "If U know neither the enemy nor yourself,U will succumb in every battle" ...

MS Windows 2000 TCP/IP Security Settings
(Cross-posted to grc.linkfarm, grc.security.software) (Follow-ups set to grc.security.software) Security-related settings documentation excerpted from: <http://secinf.net/info/nt/2000ip/tcpipimp.html> MS Windows 2000 TCP/IP Implementation Details Operating System White Paper By Dave MacDonald and Warren Barkley Abstract This white paper describes the Microsoft� Windows� 2000 operating system TCP/IP implementation details, and is a supplement to the Microsoft Windows 2000 TCP/IP manuals. The Microsoft TCP/IP protocol suite is examined from the bottom up. Through...

Windows Server 2003 Local Denial of Service Vulnerabilities
Windows Server 2003 Local Denial of Service Vulnerabilities http://secunia.com/advisories/14808/ ----------------------------------------------------------- Quote ----------------------------------------------------------- Secunia Advisory: SA14808 Release Date: 2005-04-05 Critical: Not critical Impact: DoS Where: Local system Solution Status: Vendor Patch OS: Microsoft Windows Server 2003 Datacenter Edition Microsoft Windows Server 2003 Enterprise Edition Microsoft Windows Server 2003 Standard Edition Microsoft Windows Server 2003 Web Edition ...

Microsoft Windows EMF File Denial of Service Vulnerability
Microsoft Windows EMF File Denial of Service Vulnerability http://secunia.com/advisories/14631/ ----------------------------------------------------------- Quote ----------------------------------------------------------- Secunia Advisory: SA14631 Release Date: 2005-03-18 Critical: Not critical Impact: DoS Where: From remote Solution Status: Unpatched OS: Microsoft Windows 2000 Advanced Server Microsoft Windows 2000 Datacenter Server Microsoft Windows 2000 Professional Microsoft Windows 2000 Server Description: Hongzhen Zhou has discovered ...

Microsoft Windows Image Rendering Denial of Service Vulnerability
Microsoft Windows Image Rendering Denial of Service Vulnerability http://secunia.com/advisories/15064/ ----------------------------------------------------------- Quote ----------------------------------------------------------- Secunia Advisory: SA15064 Release Date: 2005-04-22 Critical: Less critical Impact: DoS Where: From remote Solution Status: Unpatched OS: Microsoft Windows XP Home Edition Microsoft Windows XP Professional Description: Andrew has discovered a vulnerability in Windows, which can be exploited by malicious people to cause a ...

ClamAV RAR Archive Remote Denial Of Service Vulnerability
ClamAV has been reported prone to a remote denial of service vulnerability. The issue presents itself when a RAR archive that is created by variants of the W32.Beagle.A@mm worm (MCID 2443) is encountered. Solution: The vendor has released an upgrade to address this issue: Clam Anti-Virus ClamAV 0.65: Clam Anti-Virus Upgrade clamav-0.68.tar.gz http://prdownloads.sourceforge.net/clamav/clamav-0.68.tar.gz?download Clam Anti-Virus ClamAV 0.67: Clam Anti-Virus Upgrade clamav-0.68.tar.gz http://prdownloads.sourceforge.net/clamav/clamav-0.68.tar.gz?download http://www.securityf...

Microsoft Windows Media Services Remote Command Execution Vulnerability
Posted on 27 June 2003 ======================================================= = Windows Media Services Remote Command Execution #2 = = brett.moore@security-assessment.com = http://www.security-assessment.com = = MS Bulletin posted: June 25, 2003 = http://www.microsoft.com/technet/security/bulletin/MS03-022.asp = = Affected Software: = Microsoft Windows 2000 = = Public disclosure on June 25, 2003 ======================================================== = Our Rating: Due to the ease of exploitation of this vulnerability and = the fact that it allows command execution against a vulnerable server = we feel that this patch is CRITICAL for all servers that have the = vulnerable dll installed even if Windows Media Services are not in use. ======================================================== A short time after a long time ago, in a place very similar to the last, where the sun shines, the snow falls and the water is still clean.... Continuing with our 'Methodical Approach To Finding Overflows' against nsiislog.dll we discovered another issue but due to complications this fix was not released with the previous nsiislog.dll bulletin. == MS03-022 states == Impact of vulnerability: Allow an attacker to execute code of their choice Maximum Severity Rating: Important There is a flaw in the way nsiislog.dll processes incoming client requests. A vulnerability exists because an attacker could send specially formed HTTP request (communications...

NDPS, Windows 2000 and tcp/ip print service failure
Folks, anyone seeing this or know anything about it? I recently moved all my PAs to a new server, running under their old manager there (i.e. I unloaded ndpsm on the old machine and then ran it on the new one, without error). All ran okay and looks okay *but* quite often now the tcp/ip print service on Windows 2000 PCs hosting the PAs fails when it receives a print job from the manager. The sequence is that the LPDSVC on the PC closes down, reporting in the event log that it did so `successfully' (i.e. as if it had been asked to!); a few seconds thereafter the print spooler...

Remote client fails to connect via TCP/IP protocol?
I am trying to switch clients from IPX to TCP/IP via ODBC; it works on my 2 PCs (which are NOT remote). However, on the remote workstations it fails to startup / connect to the database. Does anyone have remote clients, or can offer any suggestions? I'm using Sybase SQL Anywhere 5.5.04, and my clients are NT 4.0 ; thanks for any input. Check out http://my.sybase.com/detail?id=1011225 -- Larry Cermak [Team Sybase] Corporate Technology Partners, Inc Coming soon: Web DataWindow Book Web DataWindow Articles: http://my.sybase.com/detail?id=1003371 <susiegrace>...

Windows TCP/IP Print Service stopped by iPrint client
Hi. We recently installed the iPrint client version 4.32 on many PCs in my company. Some of these PCs with Windows 2000/XP share their local printers with the TCP/IP Print Service (LPDSVC). We found that since the install of iPrint, the mentioned service stops even if configured as Automatic. Anyone knows why? Any solution? Thanks in advance. Diego -- dtascon ------------------------------------------------------------------------ dtascon, It appears that in the past few days you have not received a response to your posting. That concerns us, and has trigg...

Web resources about - TCP/IP Protocol Stack Zero Window Size Remote Denial Of Service Vulnerability - grc.security.software

Vulnerability (computing) - Wikipedia, the free encyclopedia
In computer security , a vulnerability is a weakness which allows an attacker to reduce a system's information assurance . Vulnerability is the ...

Facebook Fixing Vulnerability That Would Prohibit Users From Revoking App Permissions
Facebook is working to remedy a vulnerability discovered by application security provider MyPermissions , which blocks users of the social network ...

Search Twitter - xss vulnerability
... incog @ xssineverything X-Line @ XLine0fficiel View more people Top news story The Next Web @ TheNextWeb 3h TweetDeck users: An XSS vulnerability ...

The Power of Vulnerability - Brene Brown - TED Talks - YouTube
http://www.ted.com Brene Brown studies human connection our ability to empathize, belong, love. In a poignant, funny talk at TEDxHouston, she ...

Hackers exploit 'Flash' vulnerability in Yahoo ads
For seven days, hackers used Yahoo's ad network to send malicious bits of code to computers that visit Yahoo's collection of heavily trafficked ...

Wrong and right of Tony Abbott's policy vulnerability
As debate builds over the Coalition government, conservative voices weigh in with their concerns.

Researchers find vulnerability in EA's Origin platform - online safety, ReVuln, electronic arts, security ...
Users of Origin, the game distribution platform of Electronic Arts (EA), are vulnerable to remote code execution attacks through origin:// URLs, ...

Islamic State's call to arms reveals a sense of vulnerability
Islamic State's call to arms a scatter-gun approach, to say the least &#8211; and more than faintly ridiculous.

Researcher misinterprets Oracle advisory, discloses unpatched database vulnerability
Instructions on how to exploit an unpatched Oracle Database Server vulnerability in order to intercept the information exchanged between clients ...

Cycling and vulnerability: an issue of inequality
As the car hit my bicycle from behind, a strange thought flashed through my mind.

Resources last updated: 3/13/2016 3:59:22 AM