In association with heise online

02 June 2009, 16:21

Lost+Found: Random numbers, URL expander and WebDAV

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Too short for news, too good to lose; lost+found is a round up of useful security information. Today, random numbers, URL expander and WebDAV

Steampunk-inspired mechanical random number generator: May thy dice chip and shatter

Microsoft's explanation as to which IIS configuration settings allowed exploitation via the WebDAV vulnerability was pretty unclear. Steve Friedl from has attempted to bring light where there was darkness: Understanding Microsoft's KB971492 IIS5/IIS6 WebDAV Vulnerability

Making long of short: A Firefox plug-in that shows the true target of shortened URLs in the preview. LongURLPlease

An unpatched vulnerability crashes Adobe Reader 9.1.1 and Acrobat 9.1.1. The cause is recursive JavaScript function calls, which clog up the stack (stack exhaustion). PDF DoS exploit on Milw0rm

Expect the unexpected – but then react accordingly (after Heraclitus). Even when all hypothetical threats (to a system) are known, there's still the problem of deciding which to take seriously and to take concrete precautions against: Emerging Threats and Security Planning - How Should We Decide What Hypothetical Threats to Worry About?PDF


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit