Various Notes | Morse Code Ringtones | Java updates | More Pages on the Way

Thursday, June 25th, 2009

Sorry for the vague title, but there are various thoughts floating around at the moment. The first is a big thanks to the support at Westhost for recovering my VPS over the last weekend. I had started an automatic upgrade of wordpress in one of the sites hosted in this vps, it hung… so I [...]

Mail command missing in ubuntu by default

Sunday, November 5th, 2006

Not really, news, but I was reminded again this evening that mail is not available at the command line in recent default installs of Ubuntu (or kubuntu /xubuntu). If you’re like me and make use of this for scripting notifications…. you’ll need to sudo apt-get install mailx (and a MTA like postfix.) Mailx requires postfix/sendmail/qmail [...]

Phishing – so many flaws to exploit so little time

Wednesday, June 28th, 2006

In the last week there was a well documented writeup of a cross site scripting vulnerability which had allowed a phisher to pose as a paypal login with THE LEGIT PAYPAL SSL CERTIFICATE…. Brian Krebs at the Security Fix has some details on some of the new and interesting ways phishers are trying to exploit [...]

Quickbooks “An error has occurred in the script on this page”

Tuesday, May 16th, 2006

I ran into an install of Quickboos Pro 2005 that was having a peculiar problem. When any company file was opened I was seeing an Internet Explorer Script Error message (quickbooks uses Internet Explorer to parse the company page ( Usually C:\Program Files\Intuit\Quickbooks\Components\Pages\Comppage.qpg ) The error basically said “An error has occurred in the script [...]

IE phishing exploit..

Sunday, April 9th, 2006

There is ANOTHER IE vulnerability that’s come across the news in the last week. It seems that this is currently only a Proof of Concept, I’ll have to check and see if anyone’s reported seeing this in the wild…, but essentially a race condition between a Macromedia flash file and web content can allow a [...]

IE exploit unofficial patches

Tuesday, March 28th, 2006

While we wait for Microsoft to release a patch for the MOST recent Internet Explorer vulnerability….. it looks as though MS is “planning” to release a patch on their routine patch day of April 11th. (However they could always change their mind…) As before though there are some 3rd party patches. I’ve got to say [...]

Update on Internet Explorer Exploit in the wild

Monday, March 27th, 2006

If you use Internet Explorer to browse the web, I’d suggest finding the instructions to disable active scripting, or drop it and use something else in light of the recent exploit floating around. It seems that in spite of Microsoft’s infinite wisdom that “Microsoft has determined that an attacker who exploits this vulnerability would have [...]

Another critical IE flaw

Thursday, March 23rd, 2006

I should mention a fairly big Windows vulnerability (which involves active scripting). Apparently there are proof-of-concept exploits circulating that do innocent things like open up the calculator. Unfortunately, once exploits are out that can do this, it’s trivial for them to do worse. The bottom line is, be careful what sites you visit, beware of [...]

Automatically downloading a file mp3 with a bash script

Tuesday, December 27th, 2005

Linux systems give you many possibilities and one of them is good scheduling (cron), another is good scripting capabilities. I’ve done things with linux fairly easily that with Windows would have been next to impossible and required me to download several other things to make it happen. Anyway, I recently saw mention of a linux, [...]

Serious PHP flaw

Friday, August 26th, 2005

PHP which is a widely used scripting language for webpages has been found to have a serious vulnerability. The Inquirer is reporting on the announcement at hardened-php.net that the vulnerabilities are in the XML-RPC for PHP and PEAR XML-RPC libraries. This is apparently an eval() vulnerability similar to one earlier in the year.    Send [...]

Google
 
Web www.averyjparker.com

Switch to our mobile site