[1538] in linux-security and linux-alert archive
[linux-security] RE: Re: Re: Yet Another
daemon@ATHENA.MIT.EDU (cosimo@aiglon.ch)
Wed May 7 02:08:56 1997
From: cosimo@aiglon.ch
Date: Tue, 6 May 1997 18:21:23 +0100
To: linux-security@redhat.com
Resent-From: linux-security@redhat.com
Reply-To: linux-security@redhat.com
>making DIP set-uid root does *not* create buffer overrun problems,
>which were fixed long time ago.
How very incorrect. They were not "fixed" a long time ago. Dip buffer
overruns can still be found on just about any site that didnt keep up
with bugtraq.. Any badly managed system will have these problems. Some
systems, are so bad as to not have shadow support yet!! Like halcyon.com
for example.
----------------------------------------------------------------------
Cosimo Leipold | Unix Administrator
Aiglon College | Web Page Development
1885 Chesieres-Villars | NT Administrator
Switzerland | http://www.clark.net/pub/cosimo
----------------------------------------------------------------------