Archive for December 17th, 2008

FireFox 2.0.0.19

Published December 17, 2008 firefox , patch , security Leave a Comment

Mozilla released Firefox 2.0.0.19 on Dec 16, 2008

Note: This is the last planned release of Firefox 2. All users are encouraged to upgrade to Firefox 3.
Firefox 2.0.0.19 does not include Phishing Protection. [2]

This is the end of the line for Firefox v2

Fixed in Firefox 2.0.0.19 [1]
MFSA 2008-69 XSS vulnerabilities in SessionStore
MFSA 2008-68 XSS and JavaScript privilege escalation
MFSA 2008-67 Escaped null characters ignored by CSS parser
MFSA 2008-66 Errors parsing URLs with leading whitespace and control characters
MFSA 2008-65 Cross-domain data theft via script redirect error message
MFSA 2008-64 XMLHttpRequest 302 response disclosure
MFSA 2008-62 Additional XSS attack vectors in feed preview
MFSA 2008-61 Information stealing via loadBindingDocument
MFSA 2008-60 Crashes with evidence of memory corruption (rv:1.9.0.5/1.8.1.19)

Vulnerability ratings: 4 Critical, 1 High, 2 Moderate, 2 Low
Evaluation: Update to v3 now

Mozilla is not planning any further security & stability updates for Firefox 2, and recommends that you upgrade to Firefox 3 as soon as possible. It’s free, and your settings and bookmarks will be preserved.
Also, the Phishing Protection service will no longer be available for Firefox 2 users. Firefox 3 offers a free Phishing and Malware Protection service, which will continue to protect you from online scams and attacks. [4]

[1] Fixed in Firefox 2.0.0.19 [Mozilla]
[2] Mozilla Firefox 2.0.0.19 Release Notes [Mozilla]
[3] You’ve been updated to the latest version of Firefox 2 [Mozilla]
[4] Firefox 3.0.5 and 2.0.0.19 security updates now available for download (2008-Dec-16) [Mozilla]

FireFox 3.0.5

Published December 17, 2008 firefox , patch , security Leave a Comment

Mozilla released Firefox 3.0.5 on Dec 16, 2008
Firefox 3.0.5 fixes several issues found in Firefox 3.0.4.

Fixed in Firefox 3.0.5 [1]
MFSA 2008-69 XSS vulnerabilities in SessionStore
MFSA 2008-68 XSS and JavaScript privilege escalation
MFSA 2008-67 Escaped null characters ignored by CSS parser
MFSA 2008-66 Errors parsing URLs with leading whitespace and control characters
MFSA 2008-65 Cross-domain data theft via script redirect error message
MFSA 2008-64 XMLHttpRequest 302 response disclosure
MFSA 2008-63 User tracking via XUL persist attribute
MFSA 2008-60 Crashes with evidence of memory corruption (rv:1.9.0.5/1.8.1.19)

Vulnerability ratings: 3 Critical, 1 High, 1 Moderate, 3 Low
Evaluation: Update now

ff305pg

[1] Fixed in Firefox 3.0.5 [Mozilla]
[2] Mozilla Firefox 3.0.5 Release Notes [Mozilla]
[3] You’ve been updated to the latest version of Firefox. [Mozilla]
[4] Firefox 3.0.5 and 2.0.0.19 security updates now available for download (2008-Dec-16) [Mozilla]

2008-12-17 SAN issue

Published December 17, 2008 geek , inf Leave a Comment
Tags:
Controller A - FAIL

A disk takes out the SAN, you better believe it. The tale of misfortune begins when Disk 3/1 fails hogging the bus on the Titan 7240 RAID controller. This hogging of the bus knocks over Controller A with a critical “Voltage Low” taking the SAN with it.

The RAID controller icon-light on the front panel goes off rather than lighting red for “not functioning”. We can see that the Controller has disappeared via the VSMU.

Not happy Jan!

Remove the problem drive (LED on continuous after restart) and the controller is back.

[1.] Titan 7240 Series RAID Controller – User Manual
[2.] Titan 7240 Series RAID Controller – Tech Manual

CONTAGIOUS posters (Scott Sigler)

Published December 17, 2008 geek Comment

Do you like a puzzle? Try the CONTAGIOUS posters challenge just posted by Scott Sigler to promote his new book CONTAGIOUS.

On Tuesday, Dec. 16, welcome to teaser hell …

There are twelve unique promotional posters for the horror novel CONTAGIOUS, each hinting at a key phrase or plot point. What do they mean? You’ll find out when you read the book or listen to the free podcast. What’s more, if you put all twelve of these high-resolution, printable posters together in the right order, and you can see Perry’s final, doom-filled vision.

Through January 2009, the only one you will find at scottsigler.com is the “DOMREC.” The rest roll out exclusively on eleven other websites. Each site will feature one poster design only. To collect them all, you must visit all the sites (or subscribe to their respective RSS feeds).

Why did I pick the other eleven sites? Not only because they have big audiences (I’m a promotional whore, remember?), but because they have cool content. These sites will either make you laugh, entertain you or educate you. I love all of these sites, and think you will too.

Have a look at the posters page for links to the sites hosting the posters. Currently I have been able to identify and download the following posters; now to put them together :)

THE POSTERS

  1. Home of the 7th Son podcast novel trilogy: J.C. Hutchins.net
  2. Science-fiction news blog: io9.com
  3. Ring tone and cell-phone content site: Myxer
  4. Blog of all things cool: BoingBoing
  5. Science fiction/fantasy publisher: Tor.com
  6. Astronomy/science blog and podcast: Bad Astronomy
  7. Online culture vidcast: EPIC-FU
  8. Web marketing guru: Chris Brogan
  9. Indie rock showcase podcast: Accident Hash
  10. World’s deadliest vidcast: Ask a Ninja
  11. Killer comedy podcast: Keith and the Girl {in RSS feed, no number}
  12. scottsigler.com

You can choose the Audiobook podcast feed or a PDF version of Contagious feed – or both.

clue

IE out-of-band MS Security Patch

Published December 17, 2008 microsoft , patch , Patch_Tuesday , security Leave a Comment

A fix for the 0-day vulnerability in Internet Explorer;

Microsoft Security Bulletin Advance Notification for December 2008 [1]

Microsoft Security Bulletin Advance Notification issued: December 16, 2008
Microsoft Security Bulletins to be issued: December 17, 2008

This is an advance notification of an out-of-band security bulletin that Microsoft is intending to release on December 17, 2008.
This bulletin advance notification will be replaced with the revised December bulletin summary on December 17, 2008. The revised bulletin summary will include the out-of-band security bulletin as well as the security bulletins already released on December 9, 2008.

Affects: IE
Severity: Critical
Impact: Remote Code Execution
May require restart

Bulletin KB number Description Severity Impact Software
MS08-078 960714 Critical Security Update for Internet Explorer Remote Code Execution Critical Internet Explorer

[1] Microsoft Security Bulletin Advance Notification for December 2008 (2008-Dec-16) [MS]
[2] Microsoft announces an out of band patch for IE zero day (2008-Dec-16) [SANS]

December 2008
M T W T F S S
« Nov   Jan »
1234567
891011121314
15161718192021
22232425262728
293031  

Categories

License

Creative Commons License
This work is licensed under a Creative Commons Attribution-Share Alike 2.5 Australia License.

del.icio.us

Flickr Photos

LaserForce

Birthday Dragon

Birthday Dragon

Birthday Dragon

Birthday Dragon

New Bow

Day 10 | stars | #FMSphotoadayMAY 2013

2013 Mother's Day Classic

More Photos

Twittering

Cluster Map

Locations of visitors to this page
hacker emblem
Follow

Get every new post delivered to your Inbox.

Join 27 other followers