PaulDotCom Security Weekly - Episode 10 - Jan 13, 2006
We had some audio problems on this one; of course, I went home and figured out what the problems were. In any case, we are continually improving, so please bear with us. This week's show notes (Thanks Andy!):
- The Mason joins us from KC, he gets around
- Plugs for blogs, hackthematrix, pauldotcom, pillowtalkradio
- MS06-002, heap-based buffer overflow via a web page (or anything) rendering a font
- MS06-003, can execute a buffer overflow via email on Exchange servers (i.e. 1 email message can infect every Exchange server it passes through)
- "Testing by Observation", have a better plan to test a patch!
- Symantec Norton SystemWorks file hiding thinger... F-Secure write-up
- Claims that Kaspersky Anti-Virus has similar problems
- Apple QuickTime vulnerable when rendering TIFF, GIF, Targa (.tga)
- "There are no viruses for mac" rant
- BlackBerry - More of the same; much like the .tiff issue, but for .png
- Cisco AP DoS - ARP packets to the AP can cause a DoS condition
- Cisco MARS Default User/Password hidden from end user
- Larry and Paul should join podcast anonymous...
- Steve Gibson is smoking crack
- Thanks to the sponsor The SANS Institute
- Happy Birthday to Mason and Paul
Hosts: Larry Pesce, Paul Asadoorian, "The Mason"
Email: psw@pauldotcom.com


Comments
Hi Paul, you don't seem to have track backs on. So here is a link to where I too agree with your viewpoint that Steve Gibson's comments went a bit far.
http://www.georgestarcher.com/?p=7
Posted by: George Starcher | January 16, 2006 12:51 AM