0 Comments

Complete failure of Oracle security response and utter neglect of their responsibility to their customers

Dear security community and Oracle users, Many of my customers run Oracle. Much of the U.K. Critical National Infrastructure relies on Oracle; indeed this is true for many other countries as well. I know that there’s a lot of private information about me stored in Oracle databases out there. I have good reason, like most […]

0 Comments

Linux kernel ELF core dump privilege elevation

Hi, since it became clear from the discussion in January about the uselib() vulnerability, that the Linux community prefers full, non-embargoed disclosure of kernel bugs, I release full details right now. However to follows at least some of the responsable disclosure rules, no exploit code will be released. Instead, only a proof-of-concept code is released […]

0 Comments

Is there a scam in Security Certifications

I did take your advice and query Mr. Bavisi directly regarding your research. Below is his response. As for Mr. Bavisi’s statement that the language regarding “EC-Councuil Universty is licensed by the State of Wyoming under Wyo. Stat. 21-2-401 through 21-2-407 and neither the Department of Education nor the Wyoming State Board of Education has […]

0 Comments

[EXPL] Cdrecord RSH SUID Shell Creation

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com promotion The SecuriTeam alerts list – Free, Accurate, Independent. Get your security news from a reliable source. Cdrecord RSH SUID Shell Creation SUMMARY Max Vozeler found that the http://www.fokus.gmd.de/research/cc/glone/employees/joerg.schilling/private/cdrecord.html cdrecord program, which can be […]

0 Comments

[Snort-sigs] (snort decoder) Bad Traffic Same Src/Dst IP {trying to supress alerts from certain IP’s}

Question I’m trying to suppress alerts from 2 machines where this traffic is normal. When using base to identify the SID it says the SID is 151 but when I search snort.org I can not find THIS rule. I have searched high and low to find references to this specific instance of the rule (I […]