Saturday, January 15, 2005

Linux vendors release security patches

Red Hat, SuSE and Mandrakesoft have all released patches for their Linux products to fix security flaws - some of which are rated 'critical'.

Linux vendors Red Hat, Novell and Mandrakesoft on Wednesday released patches for several vulnerabilities, ranging from flaws that could allow denial-of-service (DoS) attacks to buffer overflows.

Five of the updates released were rated "highly critical" on Thursday by security information company Secunia. Red Hat released three updates, while Novell's SuSE and Mandrakesoft each released one.
SuSE issued updates to resolve flaws including a vulnerability that could allow malicious code to cause a local DoS attack using a specially created Acrobat document. The vulnerabilities would affect most SuSE Linux-based products.
Another vulnerability in the Linux system components used to route network traffic could allow a malicious person to execute a local DoS attack by inserting erroneous information into the netfilter data stream, according to SuSE.
Red Hat, meanwhile, issued a package of updates for its desktop, enterprise and advanced-workstation software.
An updated libtiff package was released to address vulnerabilities involving various integer overflows. The vulnerabilities would enable an attacker who has tricked a user into opening a malicious image file in the TIFF format to crash an application that uses libtiff or potentially compromise the computer by executing arbitrary code.
Red Hat also released updates for Xpdf packages to address a potential buffer overflow vulnerability. Xpdf is a stand-alone application for reading Portable Document Format documents and is also used by many Linux programs to process PDF files. This vulnerability could enable an attacker to create a PDF file that would crash Xpdf and possibly execute arbitrary code when opened, according to Red Hat's update.
Red Hat also released multiple patches to resolve flaws in its Xpm library. The XPixMap (XPM) format enables colour images to be stored in an easily portable file.
Several stack overflow flaws and an integer overflow vulnerability were found in the libXpm library, which, in turn, is used to decode XPM images. If an attacker creates an XPM file that causes an application to crash, a computer system could be compromised.
Mandrakesoft also released an update for Imlib, a standard set of code used by older versions of the GNOME desktop to process graphics.
Image-related vulnerabilities have cropped up recently in other Linux software.
Last month, a couple of Linux groups issued patches for several flaws in common Linux code used in older GNOME desktop versions for processing graphics. Those vulnerabilities could enable attackers to compromise computers that display a malicious image file.


Microsoft: DRM Trojan hole is not a vulnerability

Microsoft has responded to security warnings about its Media Player by saying that Windows XP SP2 will protect its customers from malware...

Microsoft has denied that an anti-piracy "feature" in its Windows Media Player that allows a Trojan horse to run on a user's PC is a vulnerability.

Panda Software warned earlier this week that hackers are using the player's DRM tool to fool people into downloading spyware and viruses.
The Spanish security company said that virus writers had released licence-protected multimedia files containing Trojan horses (WmvDownloader.A and WmvDownloader.B) that can exploit the anti-piracy features in version 10 of the Media Player and Windows XP SP2.
Despite Panda's warning that the Trojan can download a cocktail of malware, Microsoft denies there is a flaw in its software.
"This Trojan appears to utilise a function of the Windows Media DRM designed to enable licence delivery scenarios as part of a social engineering attack," said Microsoft in an emailed statement.
"There is no way to automatically force the user to run the malicious software. This function is not a security vulnerability in Windows Media Player or DRM."
But Microsoft didn't say whether Windows XP SP2 fully protected users from unwanted downloads.
"Internet Explorer for Windows XP SP2 helps prevent downloads from automatically launching. Users who have installed Windows XP SP2 and turned on the pop-up blocker have an added layer of defence from this Trojan's attempt to deliver malicious software," said Microsoft.
The Redmond giant also said that people should go to the police if they think they have been attacked by such Trojans.

Monday, January 10, 2005

Bypass filtering method 2

Some ISPs don't allow you to connect to known proxy servers and ports.

If you have this problem, download JAP, then:
Install it and let it configure your browser. Then run it from "Start->programs" and browse anywhere.

IRAN web filtering goes stupid!

...The problem is these days they're filtering so many other sites such as "Orkut". They changed their ways in web filtering.

Here is the list of proxy servers you can use to bypass the censorship.
Enter one of these addresses into your explorer "Proxy Settings". I've checked all of them.
Another useful source of such servers for bypassing censorship is here:
http://www.web.freerk.com/proxylist.htm

IPv6 Part - A : Introduction

... I decided to write about IPv6 after this time, because we'll need it sooner or later.
The first part is "Introduction".

This set of Web pages provides information on Internet Protocol Version 6 (IPv6). IPv6 is sometimes also called the Next Generation Internet Protocol or IPng. IPv6 was recommended by the IPng Area Directors of the Internet Engineering Task Force at the Toronto IETF meeting on July 25, 1994 in RFC 1752, The Recommendation for the IP Next Generation Protocol. The recommendation was approved by the Internet Engineering Steering Group and made a Proposed Standard on November 17, 1994.
The core set of IPv6 protocols was made an IETF Draft Standard on August 10, 1998.
Internet Protocol Version 6 is abbreviated to IPv6 (where the "6" refers to it being assigned version number 6). The previous version of the Internet Protocol is version 4 (referred to as IPv4).
IPv6 is a new version of IP which is designed to be an evolutionary step from IPv4. It is a natural increment to IPv4. It can be installed as a normal software upgrade in internet devices and is interoperable with the current IPv4. Its deployment strategy is designed to not have any flag days or other dependencies. IPv6 is designed to run well on high performance networks (e.g. Gigabit Ethernet, OC-12, ATM, etc.) and at the same time still be efficient for low bandwidth networks (e.g. wireless). In addition, it provides a platform for new internet functionality that will be required in the near future.
IPv6 includes a transition mechanism which is designed to allow users to adopt and deploy IPv6 in a highly diffuse fashion and to provide direct interoperability between IPv4 and IPv6 hosts. The transition to a new version of the Internet Protocol must be incremental, with few or no critical interdependencies, if it is to succeed. The IPv6 transition allows the users to upgrade their hosts to IPv6, and the network operators to deploy IPv6 in routers, with very little coordination between the two.