Month: September 2007
-
arfis: Automated Remote File Inclusion Search
[This was originally published on the OSVDB blog.] Nutshell What you see here is the output of the ”arfis project”, a simple perl script. It automatically downloads and extract PHP projects from sourceforge.net and checks for Remote File Inclusion vulnerabilities. It then post’s the potential (now it’s -potential-, cause the script is in an early…
-
2007 Top Vulnerable Vendors?
[This was originally published on the OSVDB blog.] http://www.eweek.com/article2/0,1895,2184206,00.asphttp://www.eweek.com/c/a/Security/Report-MS-Apple-Oracle-Are-Top-Vulnerable-Vendors/ New IBM research shows that five vendors are responsible for 12.6 percent of all disclosed vulnerabilities. Not surprising: In the first half of 2007, Microsoft was the top vendor when it came to publicly disclosed vulnerabilities. Likely surprising to some: Apple got second place. IBM Internet…
-
Snickers and Happy Land
Earlier today, Snickers moved on to the happy land of the eternal guinea pig. Due to complications from her ovarian cysts/tumors, she stopped eating shortly after I left for Sacramento. Kay took her to the vet for x-rays and it was immediately clear that her internal system was a mess and it was a matter…