Bugtraq mailing list archives
Re: [HERT] Advisory #002 Buffer overflow in lsof
From: Valdis.Kletnieks () VT EDU (Valdis.Kletnieks () VT EDU)
Date: Fri, 19 Feb 1999 17:09:18 -0500
--==_Exmh_-806204580P Content-Type: text/plain; charset=us-ascii On Thu, 18 Feb 1999 21:41:16 EST, Gene Spafford said:
People who really want to improve security find ways to avoid hurting victims and increase protection. If there is a problem that is not known and not under attack, notifying the vendor and waiting for a valid fix to appear is not going to result in anyone being hurt. Posting an exploit widely for a previously unknown problem suddenly opens up all the current users to attack.
Umm.. Gene? I agree with most of your logic, if you can clear up one minor sticking point: How do us white hats determine that a problem isn't already known and being exploited elsewhere by the black hats? Remember that security holes are found in only two ways: during code auditing, and after a break-in. Now, if you find it after a break in, you can safely say it's being exploited in the real world. However, if you find it during a code audit, you *don't* have any way to find out if other people are already getting attacked by it. Remember that the whole reason that Bugtraq is a full-disclosure list is because there's an implicit assumption that the black hats already know about all the holes, and we need to get the information out to the white hats who don't know yet. -- Valdis Kletnieks Computer Systems Senior Engineer Virginia Tech --==_Exmh_-806204580P Content-Type: application/pgp-signature -----BEGIN PGP MESSAGE----- Version: 2.6.2 iQCVAwUBNs3hDtQBOOoptg9JAQHlwQP/W0bRtbptYNQ6nW8JZe6UTD+nQGJw6418 h0QmFejv5UlYJtGgpR23hUgBizdD4l3L4wk1SRGuDZ89nUfE3X7tYS4GQ1veBYOB wpy14w3bEgJ1hesbznqay+odEvP6r2ghP0EUoN0xzgMQmhEajExX4XUWqCifbE0o aVCf37Xu4UM= =HEsE -----END PGP MESSAGE----- --==_Exmh_-806204580P--
Current thread:
- [SECURITY] New versions of super fixes two buffer overflows, (continued)
- [SECURITY] New versions of super fixes two buffer overflows joey () FINLANDIA INFODROM NORTH DE (Feb 18)
- Re: [HERT] Advisory #002 Buffer overflow in lsof Vic Abell (Feb 18)
- Tetrix 1.13.16 is Vulnerable Steven Hodges (Feb 17)
- Re: Tetrix 1.13.16 is Vulnerable Pavel Machek (Feb 19)
- ADMsnmp SNMP Audit scanner root (Feb 17)
- Re: [HERT] Advisory #002 Buffer overflow in lsof Gene Spafford (Feb 18)
- Re: [HERT] Advisory #002 Buffer overflow in lsof Theo de Raadt (Feb 18)
- Re: [HERT] Advisory #002 Buffer overflow in lsof Gene Spafford (Feb 18)
- IE0199.exe uninstaller David Brumley (Feb 19)
- Re: [HERT] Advisory #002 Buffer overflow in lsof Weld Pond (Feb 19)
- Re: [HERT] Advisory #002 Buffer overflow in lsof Valdis.Kletnieks () VT EDU (Feb 19)
- Plaintext Password in Tractive's Remote Manager Software Trevor Gryffyn (Feb 19)
- Re: [HERT] Advisory #002 Buffer overflow in lsof Peter W (Feb 19)
- Re: [HERT] Advisory #002 Buffer overflow in lsof John DiMarco (Feb 19)
- Re: [HERT] Advisory #002 Buffer overflow in lsof brian j pardy (Feb 19)
- Re: [HERT] Advisory #002 Buffer overflow in lsof Greg Woods (Feb 19)
- Re: [HERT] Advisory #002 Buffer overflow in lsof route () RESENTMENT INFONEXUS COM (Feb 18)
- Re: [HERT] Advisory #002 Buffer overflow in lsof Fred W. Noltie Jr. (Feb 19)
- Call to politeness (Re: [HERT] Advisory #002 Buffer overflow in alecm (Feb 19)
- pine 4.10 patches (similar to 4.05) GvS (Feb 20)
- Re: [HERT] Advisory #002 Buffer overflow in lsof M.C.Mar (Feb 20)