[1538] in linux-security and linux-alert archive

home help back first fref pref prev next nref lref last post

[linux-security] RE: Re: Re: Yet Another

daemon@ATHENA.MIT.EDU (cosimo@aiglon.ch)
Wed May 7 02:08:56 1997

From: cosimo@aiglon.ch
Date: Tue, 6 May 1997 18:21:23 +0100
To: linux-security@redhat.com
Resent-From: linux-security@redhat.com
Reply-To: linux-security@redhat.com




>making DIP set-uid root does *not* create buffer overrun problems,
>which were fixed long time ago.
How very incorrect. They were not "fixed" a long time ago. Dip buffer
overruns can still be found on just about any site that didnt keep up
with bugtraq.. Any badly managed system will have these problems. Some
systems, are so bad as to not have shadow support yet!! Like halcyon.com
for example.

----------------------------------------------------------------------
Cosimo Leipold		 |	  Unix Administrator
Aiglon College		 |	  Web Page Development
1885 Chesieres-Villars	 |	  NT Administrator
Switzerland		 |	  http://www.clark.net/pub/cosimo
----------------------------------------------------------------------


home help back first fref pref prev next nref lref last post