Vulnerability Development mailing list archives
Buffer overflow or overrun?
From: "Alberto Cozer" <acozer () fti com br>
Date: Fri, 12 Apr 2002 13:20:54 -0300
Hello, All! I've been reading the last Microsoft advisories and one of the vulnerabilities descriptions made me think about buffer overrun. The description for the HTTP header delimiters vulnerability sounds like a buffer overflow, although it is described as a buffer overrun. And the differences between overflow and overrun are very well defined, but it seems that someone is forgetting it. I might be wrong, but what I understood from the technical description is that the problem regards to an overflow. Anyone have any idea on that, or knows the reason why it is described like that? Alberto Cozer Future Technologies Digital Security IBM Certified AIX System Specialist acozer () fti com br http://www.fti.com.br ********************************************************* Future Technologies Seguranca Digital Esta mensagem e de responsabilidade de seu autor. Seu conteudo nao reflete necessariamente a opiniao da empresa. *********************************************************
Current thread:
- Buffer overflow or overrun? Alberto Cozer (Apr 12)
- <Possible follow-ups>
- Re: Buffer overflow or overrun? Steven M. Christey (Apr 28)
- Re: Buffer overflow or overrun? Crist J. Clark (Apr 29)
- Re: Buffer overflow or overrun? Steven M. Christey (Apr 29)
- Re: Buffer overflow or overrun? D'Ávila (Apr 29)
- Re: Buffer overflow or overrun? Rodrigo Barbosa (Apr 29)
- Re: Buffer overflow or overrun? David Gadelha (Apr 29)
- Re: Buffer overflow or overrun? Rodrigo Barbosa (Apr 29)
- Re: Buffer overflow or overrun? andreas 'dexxter' halter (Apr 30)
- AW: Buffer overflow or overrun? Johannes Lemmerer (Apr 30)
- Re: Buffer overflow or overrun? D'Ávila (Apr 29)
- Hacker's Digest Issue Four Spring 2002 John Thornton (Apr 30)