[11683] in bugtraq
Re: [Linux] glibc 2.1.x / wu-ftpd <=2.5 / BeroFTPD / lynx / vlock
daemon@ATHENA.MIT.EDU (David Wagner)
Sat Sep 4 01:20:27 1999
Message-Id: <7qkvir$k8u$1@blowfish.isaac.cs.berkeley.edu>
Date: Wed, 1 Sep 1999 21:48:27 -0700
Reply-To: David Wagner <daw@CS.BERKELEY.EDU>
From: David Wagner <daw@CS.BERKELEY.EDU>
X-To: bugtraq@securityfocus.com
To: BUGTRAQ@SECURITYFOCUS.COM
In article <14282.6738.523996.809083@floh.privat.circular.de>,
Norbert Warmuth <nwarmuth@PRIVAT.CIRCULAR.DE> wrote:
> An off-by-one error, hardly to exploit especially since the value written
> is always '\0'.
Relying on that to protect you may not be prudent. See
http://www.geog.ubc.ca/snag/bugtraq/msg03213.html
for an example of an off-by-one error which only allowed to write a '\0'
yet was exploited in the field (!).
