[10904] in bugtraq
Re: [RHSA-1999:017-01] Potential security problem in Red Hat 6.0
daemon@ATHENA.MIT.EDU (Andreas Bogk)
Fri Jun 25 13:20:04 1999
Message-Id: <m3iu8coudx.fsf@soma.andreas.org>
Date: Fri, 25 Jun 1999 17:14:18 -0400
Reply-To: Andreas Bogk <andreas@ANDREAS.ORG>
From: Andreas Bogk <andreas@ANDREAS.ORG>
X-To: Raymond Dijkxhoorn <raymond@THRIJSWIJK.NL>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: Raymond Dijkxhoorn's message of "Fri, 25 Jun 1999 00:32:44 +0200"
Raymond Dijkxhoorn <raymond@THRIJSWIJK.NL> writes:
> 7. Problem description:
>
> Several potential buffer overruns have been corrected within the net-tools
> package.
Very helpful. I'm running LinuxPPC here, which is partly based on
RedHat. Could someone from RedHat please identify the programs in
question, their version numbers, the history of the code or something
else which allows me to find out whether I'm affected or not?
No, Im not asking "gimme the xpl0itz". Far from it. But such
announcements just don't help me. Instead they give me the uneasy
feeling that out there are people which know about a security problem
on my machine and don't tell me about it.
Andreas
--
"We show that all proposed quantum bit commitment schemes are insecure because
the sender, Alice, can almost always cheat successfully by using an
Einstein-Podolsky-Rosen type of attack and delaying her measurement until she
opens her commitment." ( http://xxx.lanl.gov/abs/quant-ph/9603004 )
