Speedlinking : December 22 2006
- Andres Riancho has released untidy which is a general purpose XML fuzzer. It takes a string representation of a XML as input and generates a set of modified, potentially invalid, XMLs based on the input.
- MSG from metaeye.org has released SQID v0.2 which is a command line SQL injection testing tool.
- A Microsoft Windows Vista exploit has surfaced on a Russian website. From what it looks like, this is a privilege escalation vulnerability within csrss.exe which is the main executable for the Microsoft Client and Server runtime. This flaw is locally exploitable only, and affects all versions of Windows.
- Apple has seeded a build of Mac OSX 10.4.9 to developers on Thrusday, an update which will more than likely be the last to Tiger.
- Japanese researchers have caught a giant Squid off of the Ogasawara Islands which is south of Tokyo.
- Zone-H the site which archives website defacements, gets defaced. Zone-H has written up a full incident analysis report on this.
I hope everyone has a Happy Holidays, and a safe New Years! Thanks for reading my blog.
bill Said,
December 23, 2006 @ 12:47 pm
Windows Vista flaw: you forgotten to say that it’s a LOCAL flaw.
bill Said,
December 23, 2006 @ 12:48 pm
Windows Vista flaw: you forgotten to say that it’s a LOCALLY exploitable flaw.