Howto implement timeout
Ok I have the following problem...
I have multiple VI's. Most of these VI's contain a loop which can theoratically loop a infinit amount of time. Some VI's which can run infinitly call VI's which can run infinitly. Now my problem is how do I timeout them.
I got a few solutions but none that I like.
Currently I have the following (not wanted implementation). Each VI has a timeout input. Then inside the VI I check if the VI has timed out. Now this implementation is flawed because of the following. I have A.vi and B.vi. A.vi calls B.vi. A.vi and B.vi have a input timeout. I wire the timeout of A.vi to B.vi. Now the flaw in my current design is that the timeout is sort of relative. Before B.vi is called in A.vi already some time has passed. Thus when B.vi is called in A.vi with that timeout it is possible that while B.vi is running A.vi would have timeout... but this does not happen because B.vi is still running with the same timeout of A, hence gets extended, because the timeout is added with the time when the VI is called and then compared when running. I attachted a sample VI of my current implementation.
Now I want to be able to have a more abstract method. Something like a VI which holds the timeout. I was thinking of a functional global... however this would conflict when two VI's are running with different timeouts which both call that VI when they run in parallel.
Hopefully someone has a clever idea/solution.
Attachments:
A.vi 10 KB
B.vi 9 KB
If A.vi calls B.vi, and you expect B.vi to be done in 100 ms it's naturally impossible for A.vi to be done in 100 ms as well if B.vi times out. You can use the timed elapsed in B output and add it to the time elapsed in A to compare it with the timeout instead. However if B does time out A will still take a bit longer to time out.
Hmmm wel that would not be possible of course because what when B will execute infinitly...
If your current approach is as simple as the demo VIs you attached, you may very rarely run into a problem when the Tick Counter rolls over, giving you a much longer timeout than you expect. (Of course, loops with no wait are also a problem).
Sounds like what you want is to change your timeout inputs to "Timeout At" inputs, so that it times out at a given time. Instead of comparing with the Tick Count, compare with Get Date/Time in Seconds (this also solves the rollover problem). Then you can pass the same Timeout At value from A directly into B. Alternatively, add the Timeout At input instead of replacing the Timeout, and set the initial value to NaN. Check if the input is NaN - if so, get the current time in seconds, add the timeout value, and use that as the new Timeout At; otherwise, just use the Timeout At value that was passed in.
Yes I actually came up with this solution also "Timeout At" idea. But I don't really like it, I was hoping for a more abstract/generic method. Where I could just use the tickcount.
The real issue lies in fact with the problem that I can't determine which VI's are going to be called and because they can be executed in parallel. If I could do this I could just create a notifier for that set of VI's which need a timeout check.
Similar Messages
-
UCCX Callback implementation timeout problem
I am working on an implementation of the "Callback" function for queued callers based on the Cisco sample scripts
BaseLineAdvQueuing and BaseLineMesageCallback. The function works correctly. If my agents are all in Not Ready state and callers select to leave a callback number and message then their "callback" calls are queued successfully. When an agent is made "Ready" the callback calls are delivered in the correct order and the callbacks are processed successfully. My problem is that the "Callback" calls time out and disappear from the queue after about 30 minuted. If an agent becomes ready after 40 minutes there are no calls delivered to them. I have tracked this via the Real Time Reports which show active sessions for the queued Callback calls. These disappear from the Real Time Report after 30 mins. Is there a way to extend this timeout?.
Regards,
DavidHave you checked your MIVR logs for the WFMaxExecutedStepsExceededException error?
The logic in the Advanced Queuing script is such that it loops the Get Digit String step once ever 6 seconds. Even if I didn't consider all the steps that your callers go through before getting there, this small section will execute 1,000 steps in 50 minutes. Subtract off your steps above and this could easily be 20 or 30 minutes.
The Callback script is less likely the culprit as it executes 3 steps every 30 seconds, which is 166 minutes or 2.7 hours.
My guess is that both of you are hitting the max steps on your main script. Check your MIVR logs to know for sure. Post your script and I'll review it.
Also, what is your UCCX System Parameter for Max Steps set to?
Anthony Holloway
Please use the star ratings to help drive great content to the top of searches. -
Implementing timeout mechanism in a service
Hi All
I need to implement a self timeout mechanism in my service(a piece of java code that implement some business logic).
so that service should timeout automatically when DB hangs or call to database server took more than usual time.
Scneraio is :
Clinet will set some time out from front end.
In case DB call's from service hangs(Say due to database being down), then service should timeout automatically before the timeout set by client say 300ms -400ms before and return some exception back to the client
kindly suggest on how to implemnt this in my service.
Any early assistance will be higly helpful on this
Thanks
Nirupamuser13556642 wrote:
is there any exception that calls to DB hangs usually throw say SQL exception etc once it get timeout after specified amount of timeI don't think there's any "silver bullet" for what you want, but certain aspects may be configurable.
For example, if you're using a <tt>DriverManager</tt>, you can use its <tt>setLoginTimeout()</tt> method to change the timeout for getting a <tt>Connection</tt>; but you may want to ask someone in the know what values are reasonable (or experiment yourself). I don't know whether <tt>DataSource</tt> has anything similar, but even if it does, it may not be under your control.
And as for something like a query, how would you know when to timeout? For a single row retrieval it might be microseconds; but then again, the database might have to do 16 different joins just to get you the one you want (hopefully not).
There is simply no way of knowing the intrinsic complexity of a request without some expertise (and probably a big wodge of experience to boot).
Winston -
Howto implement temporary changes / rollback in my model?
First some background information: I'm building a project management tool. It's based on JEE, Struts 2 and uses AJAX. The model exists as a singleton within the application-server. The model is basically an object tree which consists of projects, releases, usecases, tasks, team members and employees. The model uses the observer pattern to update data when it's necessary. For instance if you change the amount of work required to solve a task, the total amount of work to finish the usecase and the total amount of work to finish the release are updated.
I've got a dialog where a user can add and remove team members from a task and set multiple attributes on each team member. All these changes will affect the whole model (for instance, if you add an employee to the task-team this has an effect on the availability of this employee for other tasks). In the UI the user will see the result of his actions immediately, for that i need to update the model. But, what if the user hits the Cancel button? Or worse, leaves the dialog open and closes the browser? In that case I need to rollback my model. But since it's almost impossible to notice the closing of the browser reliably, rollback is not an option. So the best thing would be to work on a temporary model when the dialog opens. Then the user may change whatever he wants, and when he finally hits the OK button the temporary model needs to be merged with the "real" singleton-model (Since another user may have changed something in another task).
Now to my question: How would you implement this? Is there a pattern one could use? Do I really have to clone the whole object tree or is there a better way to solve this?
Thanks for your replies,
AndréThanks for your answers. They gave me some fresh ideas.
Both approaches go into the same direction somehow. I like the idea of having a simple facade, that hides the complex stuff (like the copy-on-write implementation). Anyway, it really looks like my singleton implementation is too simple for what I'm doing here sigh. -
Howto implement hand-rolled locking with SQL?
Hi there,
For now I used java.util.Concurrent's classes for locking critical sections which should only be modified/read by a client at a time. However now one customer would like to cluster our app and I wonder wether the locking could also be done with SQL.
The reason why we don't use some high-level SQL constructs is that our product only uses a really very small subset of SQL.
Any ideas wether/how double-checked locking could be implemented using SQL?
Thank you in advance, lg ClemensHere is a link to a nice discussion on your topic.
It might or might not help, but it did appear
pertinent to your questions by talking about
alternative methods and pros and cons of
auto-incrementing.Ooooh are we back on this topic again? Delightful. And just in time for the holiday when I shall have the time to compose lengthy replies on the subject.
Since the last time this subject came up (and I recall having some discussion with duffymo about it) I have been doing further thinking about it all and here are my thoughts.
Design Stage
A bit of a rehash of what I said before. I think it is key during the database (note database and not application) design phase to design without using auto-generated keys. Your database integrity, that is the integrity of each table and the integrity of each relationship between tables must be able to "stand up" without the use of these keys.
In general proper database design is, I believe, a learned craft. Since the amount of poor designs, at least what I come across, seems so prolific I think a good rule of thumb would be to apply the above rule to one's design stringently as a good practice that will create proper designs.
Creation and Deployment Phase
When you have a solid design then before creating and deploying the database design is a good time to look at where generated keys might be appropriate. Generally speaking I recommend using them for the following reasons
1) Ease of development. Let's face it joining key to key on an numeric column is much easier than joining on multiple variable columns.
2) Performance. The time to access a multiple key field with variable length columns is going to be different than a single key numeric field. Now this item was refuted in the article WorkForFood linked above but I think there is an issue to consider here all the same. It all depends on the usage.
I will certainly give you that database indexes are wonderful things and in most cases the performance differences between searching by a multiple column key vs a single column key are going to be hardly measurable. But what about updating? And what about the size of your table.
If the database is small or the database is largely for analysis and reporting then performance is (probably) not going to be an issue. However for a large scale transaction database I think one would be foolish to dismiss the performance impact out of hand.
3) Long-term flexibility. This was a point raised by duffymo in the last go around and it's certainly worth considering. The general theory is this, when you use non-generated keys you are locking business logic into your database design. If you need to make changes later for business reasons you are up the proverbial creek.
Personally, while I think the point is valid I am not overly sold on this one. I think there is only so much "planning against future changes" that one can and should do. I would rather see the needs of the current design met in an effective fashion before considering this. So I guess to me if all other things are equal this a reason to use generated keys.
Rules for Using Generated Keys
The two rules I would like to see people use when using generated keys are as follows.
1) Always create a constraint on the real key. Again and again I encounter systems where this has not been done. You might as well not have any keys at all with this kind of disaster. If you can't create a constraint then I think you have to go back to the design stage and rethink this.
2) Never use generated keys when one or more foreign keys form part of the primary key. Really this advice applies exclusively to tables that form many-to-many relationships. Auto-generated keys should never ever be used in tables like this. It's just a mess waiting to happen.
Of course the key could be several foreign keys that are each auto-generated keys in their own tables...
Other stuff I am going to refute in the linked article that doesn't fit anywhere else
Well mainly I don't like the concept of application generated keys. Which is discussed in some of the replies. To me that is a mix of all the cons of using generated keys and the cons of using natural keys all at the same time while adding a new level of stuff tied into your application logic that will make life more difficult in the end. I just don't like it. -
Howto configure Timeout for database link
Hi,
how can I configure the expected timeout for a db link connection?
My problem is, that I've to get data from a far distance database and the network connection is not very good.
Sometimes it works pretty good, but often I get a not reachable error. Monitoring the server with ping shows, that the server is always alive, but the roundtrip time is high ( >200 ms).
System: Oracle 9.2.0.5
Linux (RedHat)
Thanks for help
StephanWell since db links just use the underlying SQL*Net configuration, what you're actually looking for is timeout settings for SQL*Net, there are two:
In the listener.ora file on the server:
INBOUND_CONNECT_TIMEOUT_<listener_name> = n seconds
Determines the limit the database listener will wait for a client connection to complete after the connection is made.
In the sqlnet.ora file on the server:
SQLNET.EXPIRE_TIME = n minutes
Determines the limit for the frequency of active connection verification of a client connection.
If the problem is you're getting disconnected because of network timeouts, it could be here or something in your LAN network settings. -
HOWTO: Implementing a ViewObject with Multiple Updateable Dependent Entity
Hi All,
I have implemented this concept in one of my project for (1-1 entity relationship). It worked very well. But I want try with parent child tables like (1 to many). I tried with the code given by "Adrian Nica " in previous thread. But my problem is When I make Parent table as updateable and reference I am not able to create a row for that VO at all.
Steve, I read your reply in previous thread. But that is not helpful when you want create a new row as parent record as reference.
Please help me to solve this....
--Thanks
RamaHi,
Thank you for your reply. I tried set all the attributes for parent EO to "Discriminator" which is added as "updateable and reference" in multiple updateable VO. But I am still getting " oracle.jbo.RowCreateException: JBO-25017:" and " Null Pointer Exception".
Do I need to set the child VO also as "discriminator" attributes for that EO.
--Thanks
Rama -
Howto implement toArray from Collections E
Hi!
I am trying to implement the generic Collection<E> interface and the toArray method is giving me trouble. Imitating the code from LinkedList, I can do this:
public class Test<E> implements Collection<E> {
protected E elt;
public Test() {}
public Test(E elt) {
this.elt = elt;
public <T> T[] toArray(T[] a) {
if (a.length == 0) {
a = (T[]) java.lang.reflect.Array.newInstance(
a.getClass().getComponentType(), 1); // generates unchecked warning
Object[] ret = a;
ret[0] = elt;
if (a.length > 1)
a[1] = null;
return a;
}However, this gives me an annoying unchecked warning. Of course, I can simply suppress the warning with @SuppressWarnings("unchecked"), but is there a Right Way of doing this that I am missing?Check Angelika Langer's Generics FAQ. But I don't believe there is. There are lots of places where the JDK source code has to ignore type safety and I think this is one of them.
-
Howto implement a Web Service Adapter?
Hi all,
Is it possible to create a Web Service Adapter, that allows external apps to pass data into CEP by calling the WebService method in that Adapater?
The intention is to have an external J2EE application to send events to CEP for further processing.
Any pointers are deeply appreciated.
thank you
Yee ThianHi all,
my question has been answered with the new FMW 11.1.1.3 release. The [updated document |http://download.oracle.com/docs/cd/E14571_01/doc.1111/e14301/webservconfig.htm#BHCBCGHI] has a section on exposing CEP application as WS.
thank you all, especially Andy.
yee thian -
BufferedReader in = new BufferedReader (new InputStreamReader (System.in));
String message = in.readLine(); The above code waits infinitely until the user enter the data from the command line and presses enter key.
The following code can provide a timeout to the above waiting (it works fine).
But is there a SIMPLER WAY to provide timeout for above waiting, something like setSoTimeout(int milliseconds) method in DatagramSocket, Socket and ServerSocket classes*?*
http://www.coderanch.com/t/232213/threads/java/implement-timeout-threads
=>
import java.util.Timer;
import java.util.TimerTask;
import java.io.*;
public class test{
private String str = "";
TimerTask task = new TimerTask(){
public void run(){
if( str.equals("") ){
System.out.println( "you input nothing. exit..." );
System.exit( 0 );
public void getInput() throws Exception{
Timer timer = new Timer();
timer.schedule( task, 10*1000 );
System.out.println( "Input a string within 10 seconds: " );
BufferedReader in = new BufferedReader(
new InputStreamReader( System.in ) );
str = in.readLine();
timer.cancel();
System.out.println( "you have entered: "+ str );
public static void main( String[] args ){
try{
(new test()).getInput();
}catch( Exception e ){
System.out.println( e );
System.out.println( "main exit..." );
}No. System.in doesn't have a timeout API. Sockets do.
-
Links No longer work for HowTo
Hi,
for the thread with the title:
Thread: HOWTO: Implementing a ViewObject with Multiple Updateable Dependent Entity Objects
HOWTO: Implementing a ViewObject with Multiple Updateable Dependent Entity Objects
The links in the thread no longer seem to work. Could you provide the updated links?
ThanksAre you following to the following link/reply?
Steve Muench wrote:
Please start a new thread with a new problem.
The latest information on this topic is located in section "27.9 Creating a View Object with Multiple Updatable Entities" of the ADF Developer's Guide for Forms/4GL Developers on the ADF Learning Center at http://otn.oracle.com/products/adf/learnadf.html
If yes, please see this link.
27.9 Creating a View Object with Multiple Updatable Entities
http://download.oracle.com/docs/cd/B31017_01/web.1013/b25947/bcadvvo009.htm
Thanks,
Hussein -
From a session management perspective, are bind timeouts recommended (at the server configuration level)?
I would like to put this in place for applications that neglect to close connections to the server when they are no longer needed.
Are there any side effects? things I need to take into design consideration that I may have overseen...The answer is very very specific to the environment you are running. But I can tell you that implementing timeouts was one of the best things I did prior to rolling out our directory environment. Some clients want to bind to the directory and never unbind, and get an application error if the connection is lost. So that means you can never restart your directory without causing an application error (and a complaining phone call....).
Several vendors had to modify their applications before we would purchase their software. It's baaad implementation on their part, but without the timeout you won't discover it until it's too late.
In the ideal world, your heavy-use client applications implement connection pools which monitor their connection and re-establish it if a connection error occurs. -
Query on Virtual Provider with Services
Hello everyone,
I created a VirtualProvider and used the HowTo "Implement a VirtualProvider with Services" (Scenario 3: Any Table). Everything works fine and I can see some data with listcube. But when I'm executing a query (Bex) on the VirtualProvider I always get "'No Applicable Data Found."
Any hints?
Thank you very much and regards
JohannesHi Johannes,
please run your query in rsrt in debug mode, set a break-point in your fm and check the contents of the tables related to the characteristics and keyfigures to be read as well as the selections and check if everything here works as expected.
kind regards
Siggi
PS: btw, are you using a hierarchy in your query? -
Reg : "Flattened" Master/Detail in a Single Row
Hi All,
I have a requirement as below :
Structure Table. EO1
Attirubtes Table. EO2
The relation ship between two tables is one to one.
My requirement is i need to show the data in Flattened Format in a table region.
For display purpose i was able to display data.
For performing DML operations : Like : Insert, Update , Delete. I have take a VO1 based on two EO's : EO1 and EO2' , AO for EO1 && EO2. and written query in Expert Mode.
Here i struck, i could not understand how to proceed further. While performing update : only data in : EO1 is getting updated. EO2 data is getting committed.
One more issue is : i could not understand how to perform insertRow() for above ?
Please provide your suggestions.
Regards
SridharHi All,
I solved the above requirement by following the below link.
HOWTO: Implementing a ViewObject with Multiple Updateable Dependent Entity Objects
Thanks to AJ
Regards
Sridhar -
Multiple Vulnerabilities in Apple Mac OS X
Every few months, somebody (with a PC) emails me one of notices.
I assume Apple does their security updates othen enough to take care of this. Or am I wrong?
Who makes these notices?
What should I do when I get one of these notices?
Here's THe whole EMAIL:
Multiple Vulnerabilities in Apple Mac OS X
Multiple Vulnerabilities in Apple Mac OS X. The full text of the document is
provided below.
Joint Task Force - Global Network Operations
U N C L A S S I F I E D
Joint Task Force - Global Network Operations (JTF-GNO) Information Assurance
Vulnerability Technical Advisory
Title: Multiple Vulnerabilities in Apple Mac OS X
References:
Security Focus
http://www.securityfocus.com/bid/22948
STIG Finding Severity: Category I
CVE:
CVE-2005-2959
CVE-2006-0225
CVE-2006-0300
CVE-2006-1516
CVE-2006-1517
CVE-2006-2753
CVE-2006-3081
CVE-2006-3469
CVE-2006-4031
CVE-2006-4226
CVE-2006-4829
CVE-2006-4924
CVE-2006-5051
CVE-2006-5052
CVE-2006-5330
CVE-2006-5679
CVE-2006-5836
CVE-2006-6061
CVE-2006-6062
CVE-2006-6097
CVE-2006-6129
CVE-2006-6130
CVE-2006-6173
CVE-2007-0229
CVE-2007-0236
CVE-2007-0267
CVE-2007-0299
CVE-2007-0318
CVE-2007-0463
CVE-2007-0467
CVE-2007-0588
CVE-2007-0719
CVE-2007-0720
CVE-2007-0721
CVE-2007-0722
CVE-2007-0723
CVE-2007-0724
CVE-2007-0728
CVE-2007-0726
CVE-2007-0730
CVE-2007-0731
CVE-2007-0733
CVE-2007-1071
Executive Summary:
There are multiple vulnerabilities affecting Apple Mac Operating System
(OS) X and various Apple applications running on Mac OS X. Mac OS X is a
proprietary operating system developed and sold by Apple Computer, Inc.,
that is included with all currently shipped Apple Macintosh computers.
Mac OS X Server is architecturally identical to its desktop counterpart and
usually runs on Apple's line of Macintosh server hardware. It includes
workgroup management and administration software tools that provide
simplified access to key network services, including a mail server, a
directory server, and a domain name server. Apple Mac OS X is Apple's latest
OS software architecture. These vulnerabilities exist due to unchecked
buffers, error conditions, and incorrect security settings in the software.
Successful exploitation of these vulnerabilities may allow a remote attacker
to execute arbitrary code, access or modify arbitrary data, escalation of
privileges or cause denial of service conditions.
Technical Overview:
There are thirty vulnerabilities affecting Apple Mac Operating System OS X
and various Apple applications running on Mac OS X addressed in this latest
release. An attacker could exploit these vulnerabilities by enticing a user
to use a maliciously crafted website, image, program, or code; or by making
use of known implementation flaws. Results of an attacker exploiting any of
these vulnerabilities include the execution of arbitrary code, triggering a
Denial of Service (DoS), or elevation of user privileges.
The following specific vulnerabilities affecting Apple Mac OS X:
ColorSync Profile Vulnerability - CVE-2007-0719 A stack buffer overflow
exists in the handling of embedded ColorSync profiles. By enticing a user to
open a maliciously-crafted image, an attacker can trigger the overflow,
which may lead to an unexpected application termination or arbitrary code
execution. This update performs additional validation of ColorSync profiles.
Crash Reporter Vulnerability - CVE-2007-0467 Crash Reporter uses an
admin-writable system directory to store logs of processes that have been
unexpectedly terminated. A malicious process running as an admin can cause
these logs to be written to arbitrary files as root, which could result in
the execution of commands with elevated privileges. This update performs
additional validation prior to writing to log files.
CUPS Vulnerability - CVE-2007-0720
A partially-negotiated SSL connection with the CUPS service may prevent
other requests from being served until the connection is closed. Remote
attackers may cause a denial of service during SSL negotiation This update
implements timeouts during SSL negotiation.
Disk Images-Helper Vulnerability - CVE-2007-0721 A memory corruption
vulnerability exists in diskimages-helper. By enticing a user to open a
maliciously-crafted compressed disk image, an attacker could trigger this
issue which may lead to an unexpected application termination or arbitrary
code execution. Mounting a maliciously-crafted disk image may lead to an
unexpected application termination or arbitrary code execution. This update
performs additional validation of disk images.
AppleSingleEnding Disk Images Vulnerability - CVE-2007-0722 An integer
overflow vulnerability exists in the handler for AppleSingleEncoding disk
images. By enticing a local user to open a maliciously-crafted disk image,
an attacker could trigger the overflow which may lead to an unexpected
application termination or arbitrary code execution. Mounting a
maliciously-crafted AppleSingleEncoding disk image may lead to an unexpected
application termination or arbitrary code execution. This update performs
additional validation of AppleSingleEncoding disk images.
Multiple Malicious Disk Image Vulnerabilities - CVE-2006-6061,
CVE-2006-6062, CVE-2006-5679, CVE-2007-0229, CVE-2007-0267,
CVE-2007-0299
Several vulnerabilities exist in the processing of maliciously-crafted disk
images that may lead to an unexpected termination of system operations or
arbitrary code execution. Since a disk image may be automatically mounted
when visiting web sites, this allows a malicious web site to cause a denial
of service. This update performs additional validation of downloaded disk
images prior to mounting them.
Directory Service (DS) Plug-In Vulnerability - CVE-2007-0723 An
implementation flaw in DirectoryService allows an unprivileged LDAP user to
change the local root password. The authentication mechanism in
DirectoryService has been fixed in this release.
Flash Player Vulnerability - CVE-2006-5330 Adobe Flash Player is updated to
version 9.0.28.0 to fix a potential vulnerability that could allow HTTP
request splitting attacks. This is accomplished by playing a
maliciously-crafted Flash content on a vulnerable system. This issue is
described as APSB06-18 on the Adobe web site at
http://www.adobe.com/support/security/
Multiple GNU Tar Vulnerabilities - CVE-2006-0300, CVE-2006-6097 One GNU TAR
vulnerability involves a buffer overflow, which allows user-assisted
attackers to cause a denial of service (application crash) and possibly
execute arbitrary code via unspecified vectors involving PAX extended
headers. The second GNU TAR vulnerability allows user-assisted attackers to
overwrite arbitrary files via a tar file that contains a GNUTYPE_NAMES
record with a symbolic link. This record is not properly handled by the
extract_archive function in extract.c and
extract_mangle function in mangle.c.
HFS+ Filesystem Vulnerability - CVE-2007-0318
An HFS+ filesystem in a mounted disk image can be constructed to trigger a
kernel panic (denial of service) when attempting to remove a file from a
mounted filesystem. This update performs additional validation of the
HFS+ filesystem.
IOKit HID Vulnerability - CVE-2007-0724 Insufficient controls in the IOKit
HID interface allow any logged in user to capture console keystrokes,
including passwords and other sensitive information of other users on a
local system. This update limits HID device events to processes belonging to
the current console user.
ImageIO GIF Vulnerability - CVE-2007-1071 An integer overflow vulnerability
exists in the process of handling GIF files. By enticing a user to open a
maliciously-crafted image, an attacker can trigger the overflow which may
lead to an unexpected application termination or arbitrary code execution.
This issue does not affect systems prior to Mac OS X v10.4.
ImageIO Raw Images Vulnerability - CVE-2007-0733 A memory corruption issue
exists in the process of handling RAW images.
By enticing a user to open a maliciously-crafted RAW image, an attacker can
trigger the issue which may lead to an unexpected application termination or
arbitrary code execution. This update performs additional validation of RAW
images. This issue does not affect systems prior to Mac OS X v10.4.
Kernel Vulnerability via fpathconf() System Call - CVE-2006-5836 Malicious
local users may be able to cause a denial of service by using the
fpathconf() system call on certain file types. The result of this action
would be a kernel panic (denial of service). This update improves the
handling for all kernel defined file types.
Kernel Vulnerability via Universal Mach-O Binaries - CVE-2006-6129 An
integer overflow vulnerability exists in the loading of maliciously-crafted
Universal Mach-O binaries. This could allow a malicious local user to cause
a kernel panic, an arbitrary code execution, or the elevation of system
privileges. This update performs additional validation of Universal
binaries.
Kernel Vulnerability via sharedregion_make_privatenp() System Call -
CVE-2006-6173
The sharedregion_make_privatenp() system call allows a maliciously-crafted
program to request a large allocation of kernel memory. This could allow a
malicious local user to cause a system hang.
This issue does not allow an integer overflow to occur, and it cannot lead
to arbitrary code execution. This update incorporates additional validation
of the arguments passed to sharedregion_make_privatenp().
Multiple MySQL Server Vulnerabilities - CVE-2006-1516, CVE-2006-1517,
CVE-2006-2753, CVE-2006-3081, CVE-2006-4031, CVE-2006-4226,
CVE-2006-3469
Multiple vulnerabilities exist in MySQL which could be exploited by
attackers making use of known system flaws via specially crafted codes.
In addition to being able to execute arbitrary code, the attacker could also
exploit these vulnerabilities causing a denial of service or buffer
over-read; obtaining sensitive information; and creating/accessing a
database.
Networking Vulnerability via AppleTalk Protocol Handler - CVE-2006-6130 A
memory corruption issue exists in the AppleTalk protocol handler. This could
allow a malicious local user to cause a kernel panic, or gain system
privileges to execute arbitrary code. This update performs additional
validation of the input data structures.
Networking Vulnerability via AppleTalk Requests - CVE-2007-0236 A heap
buffer overflow vulnerability exists in the AppleTalk protocol handler. By
sending a maliciously-crafted request, a local user can trigger the overflow
which may lead to a denial of service or arbitrary code execution. This
update performs additional validation of the input data.
OpenSSH Keys Vulnerability - CVE-2007-0726 A remote attacker can destroy
established trust between SSH hosts by causing SSH Keys to be regenerated.
SSH keys are created on a server when the first SSH connection is
established. An attacker connecting to the server before SSH has finished
creating the keys could force the keys then to be recreated. This could
result in a denial of service against processes that rely on a trust
relationship with the server.
Systems that already have SSH enabled and have rebooted at least once are
not vulnerable to this issue. This issue is addressed by improving the SSH
key generation process. This issue is specific to the Apple implementation
of OpenSSH.
Multiple OpenSSH Vulnerabilities - CVE-2006-0225, CVE-2006-4924,
CVE-2006-5051, CVE-2006-5052 Multiple vulnerabilities exist in OpenSSH, to
include compilation and faulty authentication errors. An attacker could use
these vulnerabilities in specially crafted codes/commands to cause the
execution of arbitrary code, or a denial of service.
USB Printing Vulnerability - CVE-2007-0728 Insecure file operations may
occur during the initialization of a USB printer. An unprivileged attacker
with system privileges may leverage this issue to create or overwrite
arbitrary files on the system. This update improves the printer
initialization process.
QuickDraw PICT Image Processing Vulnerability - CVE-2007-0588 A heap buffer
overflow vulnerability exists in QuickDraw's PICT image processing. By
enticing a user to open a maliciously-crafted PICT image, an attacker can
trigger the overflow which may lead to an unexpected application termination
or arbitrary code execution. This update performs additional validation of
PICT files.
servermgrd Authentication Credentials Vulnerability - CVE-2007-0730 An issue
in Server Manager's validation of authentication credentials could allow a
remote attacker without valid credentials to alter the system configuration.
This update addresses the issue by additional validation of authentication
credentials.
SMB File Server Vulnerability - CVE-2007-0731 A stack-based buffer overflow
in the Apple-specific Samba module (SMB File Server) allows a user with
write access to an SMB share to execute arbitrary code via a long ACLA file
with an overly-long ACL. This could lead to a denial of service or arbitrary
code execution. This update performs additional validation of ACLs. This
issue does not affect systems prior to Mac OS X v10.4.
Software Update Application Vulnerability - CVE-2007-0463 A format string
vulnerability exists in the Software Update application.
By enticing a user to download and open a maliciously-crafted Software
Update Catalog file, an attacker can trigger the vulnerability which may
lead to an unexpected application termination or arbitrary code execution.
This update removes document bindings for Software Update Catalogs. This
issue does not affect systems prior to Mac OS X v10.4.
sudo Configuration Vulnerability - CVE-2005-2959 A user-modified sudo
configuration could allow environment variables to be passed through to the
program running as a privileged user. If sudo is configured to allow an
otherwise unprivileged user to execute a given bash script with elevated
privileges, the user may be able to execute arbitrary code with elevated
privileges. Systems with the default sudo configuration are not vulnerable
to this issue. This issue has been addressed by updating sudo to 1.6.8p12.
Further information is available via the sudo web site at
http://www.sudo.ws/sudo/current.html
Blojsom WebLog Vulnerability - CVE-2006-4829 A cross-site scripting
vulnerability exists in Blojsom. This allows remote attackers to inject
JavaScript into blog content that will execute in the domain of the Blojsom
server. This update performs additional validation of the user input. This
issue does not affect systems prior to Mac OS X v10.4.
Vulnerable Applications/Systems and Countermeasures:
Vulnerable applications/systems with fixes available:
Compliance is RECOMMENDED. Although this notice is a Technical Advisory,
Systems Administrators should strongly consider implementing these updates.
Apple Mac OS X 10.3.9
Apple Mac OS X 10.4.0
Apple Mac OS X 10.4.1
Apple Mac OS X 10.4.2
Apple Mac OS X 10.4.3
Apple Mac OS X 10.4.4
Apple Mac OS X 10.4.5
Apple Mac OS X 10.4.6
Apple Mac OS X 10.4.7
Apple Mac OS X 10.4.8
Apple Mac OS X Server 10.3.9
Apple Mac OS X Server 10.4.0
Apple Mac OS X Server 10.4.1
Apple Mac OS X Server 10.4.2
Apple Mac OS X Server 10.4.3
Apple Mac OS X Server 10.4.4
Apple Mac OS X Server 10.4.5
Apple Mac OS X Server 10.4.6
Apple Mac OS X Server 10.4.7
Apple Mac OS X Server 10.4.8
Temporary Mitigation Strategies
None
Vulnerable applications/systems with no patches available, vendor temporary
recommended mitigations available:
Permanent fixes are not available. Temporary mitigations have been provided
to protect vulnerable systems until permanent patches are available.
Administrators should consider using the temporary mitigations provided or
develop local strategies to protect vulnerable systems from attack.
None
Vulnerable applications/systems with no patch or temporary recommended
mitigations:
There are no patches or temporary mitigations available. Administrators
should consider developing strategies to protect vulnerable systems based on
local mission requirements and operational impact. As patches or workarounds
become available the status will be upgraded to "Fix available" or
"Mitigation Available".
None
Unsupported Software:
Mac OS X versions prior to 10.3.9Who's sending you these emails and why? It sounds like a Windows apologist with an inferiority complex trying to make OS X look bad. The facts are that there are no viruses or malware in the wild at this time actively compromising OS X users. Discovered flaws and vulnerabilities do not immediately translate into active malware on OS X like they do on Windows. Apple releases security updates on a regular basis. The recent OS X 10.4.9 update, for example, provided fixes for some 45 known security issues. OS X is by no means a perfect piece of code but you are infinitely safer on the internet using OS X than you are using any version of Windows, including the new Vista.
As to who makes these notices there are security researchers and companies whose job it is to find and report security flaws in any operating system or application they choose to inspect. They provide a valuable service to companies like Apple and Microsoft in helping them close holes in their software.
CVE stands for "Common Vulnerabilities and Exposures" and is a standardized way of cataloging security issues. CVE is supported by CERT (Computer Emergency Response Team) which in turn is supported by the Federal Government and the Department of Homeland Security.
Here is the web site link...
http://cve.mitre.org/about/
The best response when you get one of these emails is to do nothing. Instead, keep your system current and up-to-date with all security updates and OS X updates released by Apple. And above all, don't worry.
Dual 2.5GHz G5 Power Macintosh Mac OS X (10.4.9)
Maybe you are looking for
-
IPhone activation lock problem please help
My friend has bougth an iPhone 5 with iOS 7 through OLX . OLX is a website like craiglist where people buy there products directly to sellers. iPhone 5 when he bougth was good and was in working condition. He bougth it yesterday.But suddenly in the n
-
Exporting the flash movie with all the associated files linked in?
Hey guys i have a movie that has a swf player practically on every page playing a number of different videos. When I export it usually and play it on another computer the flash file won't play the videos as they simply are not there! Is there a way I
-
File(windows)---- xi ---- file(unix)
Hi All, Our scenario is FILE(windows)-> XI -> FILE(unix). Our System is configured on J2SE and we have configured a local adapter engine for this. We have 3 folders at Source End say Source, OK and NOT OK. Our requirment is to move file to OK if the
-
Howto implement temporary changes / rollback in my model?
First some background information: I'm building a project management tool. It's based on JEE, Struts 2 and uses AJAX. The model exists as a singleton within the application-server. The model is basically an object tree which consists of projects, rel
-
Hi, u201CI am trying to send MATMAS IDOC from SAP to non-SAP system using JCo3. But it is giving error RFC_ERROR_INTERNAL: COMMUNICATION_FAILURE Cannot lock transaction". I checked this error in TCode SM58 in SAP system. However, I am able to send s