Bugtraq mailing list archives
Re: [HERT] Advisory #002 Buffer overflow in lsof
From: deraadt () CVS OPENBSD ORG (Theo de Raadt)
Date: Thu, 18 Feb 1999 17:11:41 -0700
People who publish bugs/exploits that are not being actively exploited *before* giving the vendor a chance to fix the flaws are clearly grandstanding. They're part of the problem -- not the solution.
No. The problem is badly written code. It takes me about 2 minutes to find bugs in security related software. I am assuming that I'm not the only person looking for these kinds of bugs. The REAL problem is software package maintainers who do not proactively audit their software.
Current thread:
- Re: ICQ99 crash, (continued)
- Re: ICQ99 crash Joe Stewart (Feb 16)
- Re: ICQ99 crash Timothy Doane (Feb 16)
- Website Pro v2.0 (NT) Configuration Issues Christian Antkow (Feb 16)
- [HERT] Advisory #002 Buffer overflow in lsof Anthony C . Zboralski (Feb 17)
- [SECURITY] New versions of super fixes two buffer overflows joey () FINLANDIA INFODROM NORTH DE (Feb 18)
- Re: [HERT] Advisory #002 Buffer overflow in lsof Vic Abell (Feb 18)
- Tetrix 1.13.16 is Vulnerable Steven Hodges (Feb 17)
- Re: Tetrix 1.13.16 is Vulnerable Pavel Machek (Feb 19)
- ADMsnmp SNMP Audit scanner root (Feb 17)
- Re: [HERT] Advisory #002 Buffer overflow in lsof Gene Spafford (Feb 18)
- Re: [HERT] Advisory #002 Buffer overflow in lsof Theo de Raadt (Feb 18)
- Re: [HERT] Advisory #002 Buffer overflow in lsof Gene Spafford (Feb 18)
- IE0199.exe uninstaller David Brumley (Feb 19)
- Re: [HERT] Advisory #002 Buffer overflow in lsof Weld Pond (Feb 19)
- Re: [HERT] Advisory #002 Buffer overflow in lsof Valdis.Kletnieks () VT EDU (Feb 19)
- Plaintext Password in Tractive's Remote Manager Software Trevor Gryffyn (Feb 19)
- Re: [HERT] Advisory #002 Buffer overflow in lsof Peter W (Feb 19)
- Re: [HERT] Advisory #002 Buffer overflow in lsof John DiMarco (Feb 19)
- Re: [HERT] Advisory #002 Buffer overflow in lsof brian j pardy (Feb 19)
- Re: [HERT] Advisory #002 Buffer overflow in lsof Greg Woods (Feb 19)
- Re: [HERT] Advisory #002 Buffer overflow in lsof route () RESENTMENT INFONEXUS COM (Feb 18)