Vulnerability Development mailing list archives
Re: Buffer overflow in awk
From: "Kurt Seifried" <bugtraq () seifried org>
Date: Fri, 15 Mar 2002 14:49:27 -0700
So you are willing to guarentee to us that this awk bug will never be exploitable by an attacker in any circumstance? Cool. Oh wait, that's totally bogus. It's this attitude that dooms most software to horrible security issues. Take a hint from OpenBSD, rather then debating whether it is exploitable or not just fix the bug. There's a reason you don't see to many OpenBSD issues on Bugtraq (but lots and lots and lots of Linux/Windows/3rd party software ones). Kurt Seifried, kurt () seifried org A15B BEE5 B391 B9AD B0EF AEB0 AD63 0B4E AD56 E574 http://seifried.org/security/ http://www.idefense.com/digest.html ----- Original Message ----- From: <sekure () hadrion com br> To: "Mike Batchelder" <mikeb () counterpane com>; "'keoki'" <keoki () techie com>; <vuln-dev () securityfocus com> Sent: Friday, March 15, 2002 11:39 AM Subject: Re: Buffer overflow in awk
Hi, In my Debian Potato r5 and Conectiva Linux 7 it worked too! But i would ask the some thing, why find a bug in awk and exploit it ? 1) It isn't suid root in linux. 2) doesn't used in web applications Then, why exploit it ? ps.: sorry for my poor english. cheers. [ ]'s
Current thread:
- Buffer overflow in awk keoki (Mar 14)
- RE: Buffer overflow in awk Max (Mar 15)
- Re: Buffer overflow in awk Walter Jr. (Mar 15)
- Re: Buffer overflow in awk Charles-Edouard Ruault (Mar 15)
- Re: Buffer overflow in awk JW (Mar 26)
- Re: Buffer overflow in awk Walter Jr. (Mar 15)
- Re: Buffer overflow in awk Jason Stover (Mar 15)
- Re: Buffer overflow in awk wu2ftpd-ovich (Mar 15)
- Re: Buffer overflow in awk Enphourell Security (Mar 19)
- <Possible follow-ups>
- RE: Buffer overflow in awk Mike Batchelder (Mar 15)
- Re: Buffer overflow in awk sekure (Mar 15)
- Re: Buffer overflow in awk Kurt Seifried (Mar 15)
- Re: Buffer overflow in awk Pavel Kankovsky (Mar 17)
- Re: Buffer overflow in awk Jeff Fields (Mar 19)
- Re: Buffer overflow in awk Jirka Kosina (Mar 20)
- Re: Buffer overflow in awk sekure (Mar 15)
- RE: Buffer overflow in awk Max (Mar 15)
- Re: Buffer overflow in awk nilton . gs . sc (Mar 15)
- Re: Buffer overflow in awk Rui Miguel Silva Seabra (Mar 15)
- Re: Buffer overflow in awk Crist J. Clark (Mar 17)
- Re: Buffer overflow in awk Jose Nazario (Mar 18)