Month: September 2007

arfis: Automated Remote File Inclusion Search

[This was originally published on the OSVDB blog.] Nutshell What you see here is the output of the ”arfis project”, a simple perl script. It automatically downloads and extract PHP projects from sourceforge.net and checks for Remote File Inclusion vulnerabilities. It then post’s the potential (now it’s -potential-, cause the script is in an early…

September 19, 2007
2007 Top Vulnerable Vendors?

[This was originally published on the OSVDB blog.] http://www.eweek.com/article2/0,1895,2184206,00.asphttp://www.eweek.com/c/a/Security/Report-MS-Apple-Oracle-Are-Top-Vulnerable-Vendors/ New IBM research shows that five vendors are responsible for 12.6 percent of all disclosed vulnerabilities. Not surprising: In the first half of 2007, Microsoft was the top vendor when it came to publicly disclosed vulnerabilities. Likely surprising to some: Apple got second place. IBM Internet…

September 19, 2007
Snickers and Happy Land

Earlier today, Snickers moved on to the happy land of the eternal guinea pig. Due to complications from her ovarian cysts/tumors, she stopped eating shortly after I left for Sacramento. Kay took her to the vet for x-rays and it was immediately clear that her internal system was a mess and it was a matter…

September 7, 2007