HomeEnglish

Computers

Cross-Site Scripting (XSS) in IDLogger website statistics version 7.7
Submitted by xqus on Thu, 08/13/2009 - 16:39

------------------------------------------------------------------------
Cross-Site Scripting (XSS) in IDLogger website statistics version 7.7
------------------------------------------------------------------------

Author: Audun Larsen (larsen at xqus dot com)
Date: August 13, 2009

--AFFECTED SOFTWARE--------------------------

Name: IDLogger
Version: 7.7
Website: http://www.idlogger.com

Tags:
Ditionary files
Submitted by xqus on Sat, 01/17/2009 - 18:18

Dictionary files are files containing all kinds of words excellent for brute force password attacks.
Here are my collection. Some of them made by me, and other collected around the internett.

Tags:
Netcraft reports: 14% of SSL Certificates signed using Vulnerable MD5 Algorithm
Submitted by xqus on Sun, 01/04/2009 - 23:02

Netcraft reports that 14% of SSL Certificates are signed using md5.

Tags:
MD5 considered harmful - SSL to be considered broken?
Submitted by xqus on Wed, 12/31/2008 - 14:00

A team of researchers (including one Norwegian) has managed to break the technology that issues trusted certificates for secure websites (SSL). As a proof of concept they executed a practical attack scenario and successfully created a rogue Certification Authority (CA) certificate trusted by all common web browsers.
The long, official version and the short version. Happy reading.

Tags:
Is security bugs just normal bugs?
Submitted by xqus on Wed, 07/16/2008 - 20:04

I just got to ask you this: Is security bugs just normal bugs? Or should they be treated special?

The reason I ask, is because of a statement made by Linus Torvalds in a discussion on the Linux kernel mailinglist just a few days ago.

So I personally consider security bugs to be just "normal bugs". I don't
cover them up, but I also don't have any reason what-so-ever to think it's
a good idea to track them and announce them as something special.

Tags:
Drupal selected as Sourceforge 2008 community choice award finalist in five categories
Submitted by xqus on Sun, 07/13/2008 - 12:36

Drupal is a finalist for the SourceForge 2008 Community awards in not less than 5 categories.

  • Best project
  • Best project for Enterprise
  • Best project for Educators
  • Best Tool or Utility for Developers
  • Most Likely to Change the World

Sweet!

Tags:
Munin 0.8-dev released
Submitted by xqus on Fri, 03/07/2008 - 18:39

Today, I released version 0.8-dev of Munin, my PHP application firewall.

Munin 0.8-dev is available for downlod here.

Tags:
Cross-Site Scripting (XSS) in phpWebSite 1.4.0 search
Submitted by xqus on Tue, 01/01/2008 - 18:07

I just posted this to Bugtraq, so I'll post it here to.

------------------------------------------------------------------------
Cross-Site Scripting (XSS) in phpWebSite 1.4.0 search
------------------------------------------------------------------------

Author: Audun Larsen (larsen at xqus dot com)
Date: Dec 29, 2007

--AFFECTED SOFTWARE--------------------------

Name: phpWebSite
Version: 1.4.0
Release date: Dec 11, 2007

Developed by the Web Technology Group at Appalachian State University,
phpWebSite provides a complete web site content management system ( CMS ).

Tags:
Clearing the content of a file
Submitted by xqus on Sat, 12/29/2007 - 14:20

This is mostly a note for myself, but sharing is caring.

To clear the content of a file:

$ echo "" > filename

To fill a file with junk:

$ cat /dev/urandom > filename

Tags:
Pownce invites
Submitted by xqus on Sun, 09/16/2007 - 11:03

OK, here's the deal. I have some Pownce invites and they are no use just sitting there, not used by anyone.

So, If you want an invite, just add a comment or send me an e-mail and I'll send out the ones I've got.

Tags:

Recent Comments

del.icio.us bookmarks

Not bookmarked by anyone, yet. Why don't be the first?
Delicious Bookmark this on Delicious

RSS, XHTML, CSS