Bugtraq
85 Stories
Microsoft denies security risk in Windows Media
News Software giant says flaw is a "reliability issue with no security risk to customers" and criticizes researcher for not contacting the company.
Tags: Network security, Applications and tools, Microsoft Corp., Security, Media Player, Vulnerability, BugTraq, mailing list, Microsoft Windows, researcher
Hackers reveal hole in IBM Web software
News Two hackers have published a program that breaks the encryption-protecting passwords on servers running older versions of IBM's e-commerce software, highlighting the possibility that dozens--if not hundreds--of sites have been left open to digital thieves.
Security hole in Java may expose servers
News A Sun advisory warns customers of a vulnerability in Java versions 1.1 and 1.2, but says Internet Explorer and Netscape aren't affected.
Microsoft warns of IE exploit code in the wild
News Company says it is investigating a publicly published exploit code that allegedly could lead to computers running versions 6 or 7 of the browser getting compromised.
Tags: Web browsers, PC security, windows alerts, security mailing list, Microsoft Corp., CSS, BugTraq, Microsoft Internet Explorer, exploit code, mailing list
Symantec probes reports of antivirus product flaw
News Security software vendor is investigating a report of a weakness in the way its corporate antivirus software stores login credentials.
Tags: Data security, Hacking
Computer prank slips past security experts
News A Trojan horse posing as a security tool tricks experts at SecurityFocus.com--which moderates the popular BugTraq security list--after they send the mildly malicious code to the list's 37,000 users.
Security problem found in Microsoft software
News Microsoft's Web browser has a security vulnerability that lets malicious programmers find temporary Internet file folders and take over a target computer, a security expert reported Monday.
HP patches 'critical' flaw in 100 laptop models
News Hewlett-Packard has released a patch which disables its Info Center shortcut tool, used in 100 different HP laptop models, in an attempt to work around a design flaw.
Tags: PC security
Back doors in AIM security tool irk pros
News A tool recommended by a security group to squash the bugs in America Online's Instant Messenger application actually had secret backdoor code.
Attack code out for Oracle database
News Computer code takes advantage of one of the dozens of flaws Oracle provided fixes for this week.
Tags: Data security, Hacking, Security applications/tools, Security implementation/standards, Databases
Sayonara, Code Red, for now
News The largely unsuccessful "Code Red" worm gives system administrators some room to fix nearly 300,000 infected machines. Newer, more effective variants may be on the horizon, however.
Code Red stopped--for now
News System administrators have 10 days to fix nearly 300,000 Web servers infected by the Code Red worm before the malicious program halts its largely unsuccessful but ongoing attack on Whitehouse.gov and starts spreading again.
Code Red stopped--for now
News System administrators have 10 days to fix nearly 300,000 Web servers infected by the Code Red worm before the malicious program halts its largely unsuccessful but ongoing attack on Whitehouse.gov and starts spreading again.
Are vulnerabilities ever really fixed?
Techguide Earlier this month, news surfaced of a new threat that could cause a "LAND attack," resulting in a temporary denial of service (DoS) that could last about 30 seconds, locking up servers and workstations in the process. The vulnerability affects Windows Server 2003 and Windows XP systems that have Support Pack 2 installed, but the firewall turned off.
Sans Institute warns of cookie-stealing threat
News The security body says information has been released about the CookieMonster exploit that may facilitate the stealing of cookies from encrypted browser sessions.
Tags: Security, Web sites, Web browsers, Cookie, TCP, Web Browser, SANS Institute, Training, Vulnerability, IP
