[13190] in bugtraq
Re: Y2K bug in Shadow IDS (fwd)
daemon@ATHENA.MIT.EDU (Alfred Huger)
Sun Jan 2 19:42:43 2000
Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Message-Id: <Pine.GSO.4.10.10001021413250.24239-100000@www.securityfocus.com>
Date: Sun, 2 Jan 2000 14:13:38 -0800
Reply-To: Alfred Huger <ah@SECURITYFOCUS.COM>
From: Alfred Huger <ah@SECURITYFOCUS.COM>
X-To: bugtraq@securityfocus.com
To: BUGTRAQ@SECURITYFOCUS.COM
Alfred Huger
VP of Engineering
SecurityFocus.com
---------- Forwarded message ----------
Date: Sun, 2 Jan 2000 17:12:14 -0500 (EST)
From: Peter W <peterw@usa.net>
To: Alfred Huger <ah@SECURITYFOCUS.COM>
Subject: Re: Y2K bug in Shadow IDS
At 1:00pm Jan 2, 2000, Alfred Huger wrote:
> I changed the top of 'sensor/variables.ph' into
>
> # We need various timestamps all over the place
> @T = localtime;
> if ($T[5] > 99) {
> $T[5] -= 100;
> }
Or
@T = localtime;
$T[5] %= 100;
> By the way, the Shadow perl scripts also use /tmp a lot with
> predictable file names, so local exploits are possible,
> but this is more of a Bugtraq issue I guess.
Fun.
