Blog

Secunia reports in advisory SA3675 about a buffer underflow vulnerability in the function ngx_http_parse_complex_uri() of the nginx webserver and rates it as highly critical. Impacts may be a DoS attack or remote system access. Changelogs were published for nginx 0.7.62, nginx 0.6.39 and nginx 0.5.38. We highly recommend that you upgrade to the latest version of nginx.

Read more

The Haiku Operating System is the open source resurrection of BeOS, the Be Operating System. The project started in 2001 under the name OpenBeOS and changed it’s name in 2004 to Haiku to circumvent any legal issues. The kernel is a fork of the NewOS kernel written by an ex-Be engineer. The Haiku team focussed on binary compatibity to BeOS 5 and started to replace single parts of the system with an open source alternative.

Read more

OpenBSD 4.6 is scheduled for release on 2009-10-01. Pre-Orders are now accepted. The new release brings a new privilege-separated SMTP daemon, improvements over OpenBGPD, OpenOSPFD and other routing daemons, a per default enabled pf(4) that has stricter checking for ICMP and ICMP6 packets, improved driver support and many more changes. Here is the full list of changelog for OpenBSD 4.6

Read more

Fleximus moved to the new domain www.fleximus.org today. Please update all your bookmarks and blog software accordingly. Thank you!

Read more

One of the few security portals hosting exploits, 0days and other vulnerabilities has closed it’s doors. The guy behind Milw0rm, called str0ke, said he wasn’t able to handle the sent in exploits and emails in an acceptible timeframe. All vulnerabilities were reviewed by him before it went online. Because of these news the webserver did not withstand the wave of request that came in. After a few days offline, the website is now back with a bigger machine.

Read more