MAAS History

Entries by drStrangeP0rk (171)

Thursday
Jan 07, 2010

Critical Vulnerabilities In Adobe Illustrator CS4 and CS3

Critical buffer overflow vulnerabilities exist in Adobe Illustrator CS4 (14.0.0) and Adobe Illustrator CS3 (<= 13.0.3) on the Macintosh and Windows platforms, and they can lead to malicious code execution. The update process for the Mac requires you to alter the Package contents. In case you do not realize it, an Application on the Mac is actually a Package (a folder) that holds the contents of the application. You can open Terminal and cd into any application to view its contents. In Terminal you can use "open ." to open the folder in a viewer.

Users and Administrators should perform the update as described in the attached reference. It does not use the Adobe Updater, proving that there is much work that needs to be done by Adobe to improve the process.

Wednesday
Jan 06, 2010

SpamAssassin Suffers From Decade Based Bug

Mac OS X Server uses SpamAssassin to filter inbound spam for mail services. SpamAssassin increases the score on legitimate messages dated 2010, which results in those messages being marked as spam. Apple offers two resolutions. The first is to disable the date rule by editing "/etc/mail/spamassassin/local.cf". Apple's support document uses vi; I like nano, so you can replace "sudo vi" with "sudo nano <fileName>" or set the EDITOR value in your .profile file.

The second solution is to change the date rule for scoring on future dates by doing the following.

  • Stop mail server.
  • Open terminal and enter "sudo nano /usr/share/spamassassin/72_active.cf"
  • Find the "FH_DATE_PAST_20XX" rule and edit the header line to read
    • "header FH_DATE_PAST_20XX Date =~ /20[2-9][0-9]/ [if-unset: 2006]"
      • *This changes the rule so that it flags only messages dated 2020 or later.

 

Many administrators customize the SpamAssassin settings, so any other date-related rules must be checked as well. The change in the decade has resulted in several decade-based bugs in various software packages on multiple platforms.
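To check customized rule files for the same problem, the script below is an added example (not from Apple's support document or the SpamAssassin project) that finds active Date-header rules and reports which ones fire on an ordinary message sent in a given year. The rules file is constructed sample data, the unpatched pattern /20[1-9][0-9]/ and the rule name LOCAL_DATE_PATCHED are assumptions, and Python's regex engine stands in for Perl's, which is equivalent for these simple character classes.

```python
import re

# Matches SpamAssassin header rules that test the Date header with a regex, e.g.
#   header FH_DATE_PAST_20XX Date =~ /20[2-9][0-9]/ [if-unset: 2006]
RULE_RE = re.compile(
    r"^\s*header\s+(?P<name>\S+)\s+Date\s*=~\s*"
    r"/(?P<pattern>(?:\\.|[^/\\])+)/(?P<flags>[a-z]*)"
)

# Constructed sample rules file (not a real 72_active.cf).
# The first rule uses the assumed unpatched pattern; LOCAL_* names are hypothetical.
SAMPLE_CF = """\
header   FH_DATE_PAST_20XX   Date =~ /20[1-9][0-9]/ [if-unset: 2006]
header   LOCAL_DATE_PATCHED  Date =~ /20[2-9][0-9]/ [if-unset: 2006]
header   LOCAL_SUBJ_TEST     Subject =~ /2010 sale/i
#header  OLD_DISABLED        Date =~ /20[1-9][0-9]/
"""


def date_rules(cf_text):
    """Return [(rule_name, compiled_regex)] for active (uncommented) Date rules."""
    rules = []
    for line in cf_text.splitlines():
        if line.lstrip().startswith("#"):
            continue  # commented-out rules never score a message
        m = RULE_RE.match(line)
        if m:
            flags = re.IGNORECASE if "i" in m.group("flags") else 0
            rules.append((m.group("name"), re.compile(m.group("pattern"), flags)))
    return rules


def rules_hitting_year(cf_text, year):
    """Names of Date rules that fire on a legitimate message sent in `year`."""
    # Constructed RFC 5322 Date value; the day-of-week field is optional.
    date_header = "06 Jan %d 10:15:00 -0500" % year
    return [name for name, rx in date_rules(cf_text) if rx.search(date_header)]


if __name__ == "__main__":
    for y in (2009, 2010, 2019, 2020):
        print(y, rules_hitting_year(SAMPLE_CF, y))
```

Replace SAMPLE_CF with the text of your own rule files to see which date rules will start scoring legitimate mail in a given year.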

Wednesday
Jan 06, 2010

Firefox 3.5.7 Update Release

Users should update to Firefox 3.5.7, which addresses performance and security issues. This includes an issue related to DNS resolution in MakeSN and nsAuthSSPI which resulted in proxy servers failing to resolve hosts. In addition, the user notification of major updates has been improved.

Monday
Jan 04, 2010

Reports: Apple Plans To Ship New Device in March

Apple is planning to ship a new device in March. Although it has not been confirmed, many reports are speculating that it is the long-awaited iTablet device. It is unclear if it will run a version of the iPhone OS, Mac OS X Snow Leopard or a hybrid.

Snow Leopard incorporates many UI improvements, which some have speculated were made to accommodate multi-touch input technology. If you check your System Preferences you will notice that Keyboard now has its own preference and users can select to display it on screen from this panel (Fig. 1). It is interesting that this is far easier to access compared to the Universal Access Preference in Leopard, which can display the keyboard on screen as well.

Fig. 1 Snow Leopard Keyboard

Similar to the iPhone 3GS, the screen may have an oleophobic finger-resistant coating, depending on what the final device ships with. The final size is also unclear, but think of the AirBook screen in terms of size. One drawback may be the use of the AirBook's pop-out USB ports, which I find to be very delicate. It is always interesting the way in which Apple makes a device that is sturdy, slim and sexy. These are all qualities which make the iPhone a great device, while the AirBook remains an experimental platform.

Sunday
Dec 20, 2009

Mail Service Update 1.0 for Snow Leopard Server v10.6.2

Apple has released an update to the Mail Service in Snow Leopard Server 10.6.2. This update addresses performance and reliability issues. Mail Service memory handling has been improved and overall allocation has been reduced. One issue that can be a major headache for administrators is an interruption in Directory Services. Mail Service is now able to recover from these interruptions in a far more efficient manner and without the need for administrator intervention once Directory Services return.