[7115] in bugtraq
Re: patch for qpopper remote exploit bug
daemon@ATHENA.MIT.EDU (Steven Winikoff)
Tue Jun 30 13:21:44 1998
Date: Mon, 29 Jun 1998 12:26:04 -0400
Reply-To: Steven Winikoff <smw@alcor.concordia.ca>
From: Steven Winikoff <smw@ALCOR.CONCORDIA.CA>
X-To: David LeBlanc <dleblanc@mindspring.com>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: Your message of Mon, 29 Jun 1998 11:25:06 EDT
>This can blow up -
It certainly can. :-(
Basically I was in too much of a hurry and misread the NetBSD man page
for vsnprintf(), leading me to write a nice implementation (well, I
think so :-) of an entirely incorrect design. :-(
Incidentally, when that was first pointed out to me I attempted to say
so on Bugtraq, in order to prevent further confusion; unfortunately that
reply doesn't seem to have made it out to the list.
I apologize for wasting your time, but I do appreciate your polite and
helpful reply. :-)
- Steven
________________________________________________________________________
Steven Winikoff | "The difference between the right word
Concordia University | and the nearly right word is the
Montreal, QC, Canada | difference between the lightning and
smw@alcor.concordia.ca | the lightning bug."
http://alcor.concordia.ca/~smw | - Mark Twain
