|
|
Colapse all |
Post message
Critical Patch Update April 2005 for Database 9.2 and 10.1 Update - Correction 2005-07-22 unbelievable patch_me com Re: Peter Gutmann data deletion theaory? 2005-07-22 Thor (Hammer of God) (thor hammerofgod com) I *love* nuking CD's.... But apparently, the practice is no longer "officially" supported due to the toxic emmissions of the Phthalocyanine contained in the sublimation layer (and other chems) Great fun, though. t ----- Original Message ----- From: "Jay D. Dyson" <jdyson (at) treachery (dot) net [email concealed]> To: "Bug [ more ] [ reply ] RE: Peter Gutmann data deletion theaory? 2005-07-21 Robert Thompson Jr. (rthompson columbiabank com) "Do you all agree with Peter Gutman's conclusion on his theory that data can never really be erased, as noted in his quote below:" Absolutely... If you have ever done any form of data recovery, you will see how much information is recoverable, with just basic tools off of the internet. If you have [ more ] [ reply ] RE: Peter Gutmann data deletion theaory? 2005-07-21 Jared Johnson (jaredsjazz Yahoo com) Interesting. Well it all makes sense. I'm trying to setup a routine for our corporation to regularly wipe our old hard drives before dumping and donating them. It's fairly sensitive data in that if our competitors got a hold of it, it would probably put us out of business. Seems that just the simp [ more ] [ reply ] RE: Peter Gutmann data deletion theaory? 2005-07-21 Earnhart, Benjamin J (benjamin-earnhart uiowa edu) I agree with most of what you say, and the general idea is valid. However, the specifics of > then a full reformat is quite enough to cause them to move on > to the next > machine - they're not going to have the motivation or > equipment to delve > into a randomly selected disk. is a dangerous [ more ] [ reply ] Re: RE: Peter Gutmann data deletion theaory? 2005-07-22 underwood-de hotmail com I was in charge of a stand alone, 125 user, authorised to process up to and including secret, network for a number of years. Our cable infrastructure was fiber from server to the desktop with the only exposed piece of fiber being the LAN connection from PC to the box. The hard drives were removeabl [ more ] [ reply ] Re: Peter Gutmann data deletion theaory? 2005-07-22 "Vincent DUVERNET (Nolmë Informatique)" (vincent duvernet nolme com) Re: several vulnerabilities present in Belkin wireless routers 2005-07-22 Roman Daszczyszak (romandas gmail com) I can't comment on the Belkin stuff. As for Cisco IIRC, telnet is enabled by default, however it doesn't allow anyone to log in unless a telnet password is set on the vty lines and the login command is configured as well, and those are not set by default. So, you can certainly use a telnet exploit [ more ] [ reply ] [PTsecurity] MaxPatrol Network Security Scanner - Free unlimited version has been released. 2005-07-22 Alexander Anisimov (anisimov ptsecurity com) [ GLSA 200507-20 ] Shorewall: Security policy bypass 2005-07-22 Sune Kloppenborg Jeppesen (jaervosz gentoo org) Re: Peter Gutmann data deletion theaory? 2005-07-22 Volker Tanger (vtlists wyae de) Greetings! On Thu, 21 Jul 2005 14:07:12 -0500 Simple Nomad <thegnome (at) nmrc (dot) org [email concealed]> wrote: > On Wednesday 20 July 2005 18:48, Jared Johnson wrote: > > Data overwritten once or twice [...] > The quote is from 1996. I spoke with Guttman about this at AusCERT a > few years ago and even *he* doesn't belie [ more ] [ reply ] RE: Peter Gutmann data deletion theaory? 2005-07-21 Tiago Halm (thalm hotmail com) One thing I would add here is the difference between the physical data and its meaning. Physically, it may always be possible to retrieve data, but when there is no notion of the topic at hand or the possible semantic associated with the data, then that may be an impossible task trying to assemble p [ more ] [ reply ] User privilege escalation exploit. 2005-07-22 sunos5 8 hotmail com Vendor: CyberSource Version: Business Center, Essentials/Small Business, https://businesscenter.cybersource.com/ Severity: Vulnerability allows malicious employees or comprimised accounts to steal money. Vendor Status: Notified, but expects to fix issue some time in 2006. Overview: Business Cen [ more ] [ reply ] eBay phishing - phishers are getting better 2005-07-21 John Gateley (gateley jriver com) I just got another phishing scam (targeting eBay). The twist is that the subject line included my eBay username, and it was sent to my eBay e-mail address. The Phishers have figured out how to get one from the other, I don't know how. I sent it on to eBay but just got a standard form letter back. [ more ] [ reply ] Advisory 11/2005: Multiple vulnerabilities in Contrexx 2005-07-22 Christopher Kunz (christopher kunz hardened-php net) SlimFTPd Server: PoC Exploit 2005-07-22 Dim K0r0l (dim acolytez com) --------------------------------------- Affected version: 3.16 Bug found by Raphaël Rigo PoC exploit for demonstration --------------------------------------- *#!/usr/bin/perl* /# --------------------------------------------------- #/ /# 47slimftpd_bof.pl - PoC exploit for SlimFTPd Server #/ /# v [ more ] [ reply ] Re: Re: [HSC Security Group] Invision PowerBoard 1.3.x - 2-x Exploit and Patch 2005-07-21 h4cky0u securityfocus com, "[at]" securityfocus com,gmail securityfocus com, "[dot]" securityfocus com,com securityfocus com Well it seems that there has been some confusions regarding the exploit. One of the users at my site www.h4cky0u.org reported me the exploit and claimed that it was coded by him and his friend. Then i reported the matter to Zinho of HSC who released the advisory regarding the same. I later realised [ more ] [ reply ] Re: (ICMP attacks against TCP) (was Re: HPSBUX01137 SSRT5954 rev.4 - HP-UX TCP/IP Remote Denial of Service (DoS)) 2005-07-21 Dennis Lubert (plasmahh informatik uni-bremen de) At 00:09 20.07.2005, Fernando Gont wrote: >The IPv4 minimum MTU is 68, and not 576. If you blindly send packets >larger than 68 with the DF bit set, in the case there's an intermmediate >with an MTU lower that 576, the connection will stall. > >576 is the minimum reassembly buffer size. That is t [ more ] [ reply ] Mozilla XPCOM Library Race Condition 2005-07-21 GulfTech Security Research (security gulftech org) ########################################################## # GulfTech Security Research July 21st, 2005 ########################################################## # Vendor : Mozilla # URL : http://www.mozilla.org/projects/xpcom/ # Version : Not Available # Risk : Race Condition #### [ more ] [ reply ] Multiple vulnerabilities in libgadu and ekg package 2005-07-21 Wojtek Kaniewski (wojtekka toxygen net) Multiple vulnerabilities have been found in libgadu, a library for handling Gadu-Gadu instant messaging protocol. It is a part of ekg, a Gadu-Gadu client, but is widely used in other clients. Also some of the user contributed scripts were found to behave in an insecure manner. Bugs fixed in ekg- [ more ] [ reply ] RE: Peter Gutmann data deletion theaory? 2005-07-21 Glenn Everhart chase com The relevant question one should ask is: how costly will it be (time, money) to recover data? If you have, for example, a modern tape and just zero it (write eofs at the beginning), nearly every drive in the world will report blank tape errors if you try to go past BOT, even if the tape store past [ more ] [ reply ] |
|
Privacy Statement |
If you have applied the patches for Critical Patch Update July 2005 (CPUJul2005) already, you can skip this message.
You are receiving this email because you were sent an email subjected "Critical Patch Update April 2005 for Database 9.2 and 10.1 Update" on July 6 or July
[ more ] [ reply ]