sorted by: recent | see :
popular
Content Tagged with Articles + Security
The Moron's Guide to Kerberos
Well written introductory article explaining *concept* of Kerberos system
remember to upgrade to firebird 2.0.4 or firebird2.1
Stack-based buffer overflow in Firebird before 2.0.4, and 2.1.x before 2.1.0 RC1, might allow remote attackers to execute arbitrary code via a long username.
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0467
Security vulnerability in Borland InterBase
A security vulnerability discovered early this year in open source database Firebird also affects Borland’s InterBase. The security vulnerability allows …
Securing Java applications with Acegi, Part 1: (IBM developerworks)
Securing Java applications with Acegi, Part 1
Anatomy of Security-Enhanced Linux (SELinux)
Linux has been described as one of the most secure operating systems available, but the NSA has taken Linux to the next level with the introduction of SELinux. SELinux takes the existing GNU/Linux operating system and extends it with kernel and user-space
New Firebird packages fix several vulnerabilities in debian
This Debian security advisory is a bit unusual. While it’s normally
our strict policy to backport security bugfixes to older releases, this
turned out to be infeasible for Firebird 1.5 due to large infrastructural
changes necessary to fix these issues. As a consequence security support
for Firebird 1.5 is hereby discontinued, leaving two options to
administrators running a Firebird database:
I. [...]
Firebird remote BOF POC
Firebird Remove Buffer Overflow Proof of concept was posted on BugTraq
The bug is the one fixed in the next stable releases and is not present in firebird 2.1 rc1& rc2 here is the description:
Integer overflow in Firebird SQL 1.0.3 and earlier, 1.5.x before 1.5.6, 2.0.x before 2.0.4, and 2.1.x before 2.1.0 RC1 might allow [...]
Why is Database Security So Hard?
I was recently asked a question by someone who had attended my Shmoocon talk entitled “Why are Databases So Hard to Secure?”. PDF slides are available (1.34 Mb). I was going to put this into a more formal structure, but the conversational nature works really well. I would love to see comments [...]
Firebird Relational Database ‘protocol.cpp’ XDR Protocol Remote Memory Corruption Vulnerability
Firebird is prone to an integer-overflow vulnerability because it fails to ensure that integer values aren’t overrun. Attackers may exploit this issue to overflow a buffer and to corrupt process memory.
Attackers may be able to execute arbitrary machine code in the context of an affected application. Failed exploit attempts will likely result in a denial-of-service [...]
Security
firebird
news
developer
Articles
Technical
integer-overflow
Steal This Wi-Fi
Whenever I talk or write about my own security setup, the one thing that surprises people -- and attracts the most criticism -- is the fact that I run an open wireless network at home. There's no password. There's no encryption. Anyone with wireless capab
Random Bits: HOWTO: Tunneling HTTP over SSH with DD-WRT, DynDNS and Putty
Great article on how to use SSH tunneling to create a SOCKS5 proxy that can be used by Firefox. This together with FoxyProxy can accomplish proxying for particular domains.
Page 1 | Next >>