Month: September 2007

  • arfis: Automated Remote File Inclusion Search

    [This was originally published on the OSVDB blog.] Nutshell What you see here is the output of the ”arfis project”, a simple perl script. It automatically downloads and extract PHP projects from sourceforge.net and checks for Remote File Inclusion vulnerabilities. It then post’s the potential (now it’s -potential-, cause the script is in an early […]

  • 2007 Top Vulnerable Vendors?

    [This was originally published on the OSVDB blog.] http://www.eweek.com/article2/0,1895,2184206,00.asphttp://www.eweek.com/c/a/Security/Report-MS-Apple-Oracle-Are-Top-Vulnerable-Vendors/ New IBM research shows that five vendors are responsible for 12.6 percent of all disclosed vulnerabilities. Not surprising: In the first half of 2007, Microsoft was the top vendor when it came to publicly disclosed vulnerabilities. Likely surprising to some: Apple got second place. IBM Internet […]

  • Snickers and Happy Land

    Earlier today, Snickers moved on to the happy land of the eternal guinea pig. Due to complications from her ovarian cysts/tumors, she stopped eating shortly after I left for Sacramento. Kay took her to the vet for x-rays and it was immediately clear that her internal system was a mess and it was a matter […]