Wow, four Wordpress plugin exploits released in under a week. Are these plugin authors really amateurs, or just trying to pwn Wordpress blogs?
That's right, Wordpress kiddies: two new vulnerabilities, and they're pretty nasty. Author Houssamix From H-T Team has released two remote SQL injection proofs of concept for WP-Cal and fGallery 2.4.1.
Milworm has published a denial of service exploit for the Apple iPhone 1.1.2. I've made the page available, so feel free to send your friends with iPhones to that page if you'd like to see 'em cry.
Milworm.com has released another Wordpress plugin vulnerability; this time it's WP-Forum 1.7.4. I'm no expert at deciphering exactly how exploits work, but this remote SQL injection appears to grant the attacker administrative privileges. If you're using WP-Forum 1.7.4 or earlier on your Wordpress blog, uninstalling this vulnerable plugin is highly recommended.
A recently released Wordpress vulnerability proof of concept forced me to update Wordpress, and as a result, several plug-ins are now failing to work properly. I don't regret performing the update because not only were the security holes patched, but database queries were optimized.
Camp Delta's manual outlining standard operating procedures was recently leaked on Wikileaks.org. A direct link to the leaked document is available here: http://www.wikileaks.org/wiki/Gitmo-sop.pdf. Dated March 28th, 2003, this 238-page document appears official. Guantánamo spokesman Army Lt. Col. Ed Bush openly claimed the Cuban-based prison camps "have evolved significantly since 2003, prompting many SOP changes."
/* How Large Servers are Owned via DDoS written by perator */
Every time you dial up to your ISP, your box is assigned an IP address. An IP address is a number (e.g. 22.214.171.124) that identifies you on the internet. Every online computer has its own unless it's on a LAN (Local Area Network), in which case it might share an IP address with several computers linked to a hub (a network device that links computers together to form a network).
By sending "fragmented" packets to someone's IP address, you can knock them offline, freeze, "blue screen" or even reboot someone's computer, depending on the packet header and the remote computer's TCP/IP stack's buffer. This is called a DoS attack (Denial of Service attack). We are not going to do this, as little buffer overflows like those only work on Windows-based operating systems. Since we're usually dealing with Sun Sparc servers, routers, nodes, and Unix-based systems, we're going to use utilities which turn 200gbps of bandwidth into 0kbps.
Ken Thompson and Dennis Ritchie were the two responsible for developing UNIX while working for Bell Laboratories. With the advancement of phone technology in the early 1970s, AT&T needed an operating system that would provide stable services for thousands of users at a time. Ritchie used a modified version of the Basic Combined Programming Language to develop UNIX, and later renamed his revision simply B. After several advancements and revisions during 1972, B became known as C. The major advantage C provided was the ability to port the operating system to other chipsets (UGA). This would allow functionality on almost any system architecture. Thirty years later, C is still widely used and accepted as a high-end programming language.
Toward the end of the 1970s, several copies of UNIX made their way to universities, government labs, and average users. As a result of remaining Open Source, several worthy contributions came from people all over the world. Responses and support for the operating system led small teams or groups of people to eventually develop their own varieties known as distributions. From this amazing system comes a torrent of distributions, each designed for a specific task or tasks. FreeBSD, Linux, OpenBSD, IRIX, Sparc, AIX, and even Macs contain their own unique properties, but get their roots from UNIX.