[ml] /.: IT: DJB Announces 44 Security Holes In *nix Software

[ Home | Liste | F.A.Q. | Risorse | Cerca... ]

[ Data: precedente | successivo | indice ] [ Argomento: precedente | successivo | indice ]

Archivio: Dicembre 2004 ml@sikurezza.org
Soggetto: [ml] /.: IT: DJB Announces 44 Security Holes In *nix Software
Mittente: Igor Falcomata'
Data: Fri, 17 Dec 2004 01:14:56 +0100 (CET)

Gia' passato su altre liste, ma interessante e didattico (inteso per il
resto del mondo, non per i poveri studenti che non passeranno il corso):

IT: DJB Announces 44 Security Holes In *nix Software
Posted by timothy on Wednesday December 15, @06:15PM
from the extra-credit dept.
generationxyu writes "D. J. Bernstein, better known as DJB, has
announced the discovery of 44 security holes that were found by students
in his course MCS 494: Unix Security Holes this fall at the University
of Illinois at Chicago. Vulnerable programs of note include: CUPS, NASM,
mpg123, MPlayer, xine-lib, and numerous others. Copies of the
notification emails are here. The homework for the course was to find
and exploit 10 previously undiscovered security holes in currently
deployed Unix software. In a class of 25, 44 security holes seems a bit
low. Most of the class failed. I was credited with bsb2ppm (actually
libbsb) and jpegtoavi. After 300 hours of work and an A average on the
exams, I expect to fail the course."
http://it.slashdot.org/article.pl?sid=04/12/15/2113202&tid=172&tid=146&tid=128&tid=130&tid=1&tid=106

e, gia' che ci sono:
Your Rights Online: Hacker Sentenced To Longest US Sentence Yet
Posted by samzenpus on Wednesday December 15, @08:30PM
from the learn-to-make-friends dept.
Iphtashu Fitz writes "The Associated Press is reporting that a Michigan
man has been sentenced to 9 years in prison for his involvement in
hacking into the corporate systems of Lowe's Home Improvement and
attempting to steal customer credit card information. The sentence far
exceeds the 5 1/2 years that hacker Kevin Mitnick spent behind bars. Two
others are awaiting sentencing, including one of the first people to
ever be convicted of wardriving. Prosecutors said the three men tapped
into the wireless network of a Lowe's store in Southfield, Mich., used
that connection to enter the chain's central computer system in North
Wilkesboro, N.C., and installed a program to capture credit card
information. No data was actually collected however."
http://yro.slashdot.org/article.pl?sid=04/12/15/234223&tid=123&tid=95&tid=172

Data:
- precedente: [ml] Re:Master universitari, Bulgaro
- successivo: Re: [ml] Master universitari, Davide Cerri
- indice

Argomento:
- precedente: Re: [ml] Re:Master universitari, Davide Cerri
- successivo: [ml] Cisco ACS 3.3 e Radius Attributes, Paolo Olivares
- indice

[ Home | Liste | F.A.Q. | Risorse | Cerca... ]

www.sikurezza.org - Italian Security Mailing List
(c) 1999-2005