[12079] in bugtraq
Historical Bugtraq Question
daemon@ATHENA.MIT.EDU (Alfred Huger)
Fri Oct 1 00:16:17 1999
Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Message-Id: <Pine.GSO.4.10.9909301029260.20526-100000@www.securityfocus.com>
Date: Thu, 30 Sep 1999 10:40:09 -0700
Reply-To: Alfred Huger <ah@SECURITYFOCUS.COM>
From: Alfred Huger <ah@SECURITYFOCUS.COM>
X-To: bugtraq@securityfocus.com
To: BUGTRAQ@SECURITYFOCUS.COM
Hey Folks,
I am doing a little research on Bugtraq, it's history and the impact it's
had on the community. I have a question for some of the listers here who
have been onboard for a while.
So far as I can tell, the first publicly released X86 buffer overflow w/
source code was the splitvt(1) exploit posted on Sun Dec 03 1995 as
"Avalon Release".
http://www.securityfocus.com/templates/archive.pike?list=1&date=1995-11-29&thread=Pine.LNX.3.91.951203225127.524A-100000@crimson.cadvision.com
It's my assertion that this code launched the buffer overflow into a
commonly used exploit technique. In any event, I am looking for
information refuting the 'first out' claim. Keep in mind I am not
referring to anything other than X86 overflows (although I do not believe
sparc eggs became public till after the splitvt code).
Any input would be appreciated, I will post to the list when I have
finished the research and compiled it into a paper for public consumption.
Please reply directly to me.
