Bugtraq mailing list archives
secure-programs howto
From: signal11 () MEDIAONE NET (Signal 11)
Date: Sun, 9 Jan 2000 12:08:18 -0600
http://dwheeler.com/secure-programs/Secure-Programs-HOWTO.html I thought this link might be useful to forward to the list - I haven't seen it posted lately and it covers alot of issues bugtraq talks about - like buffer overflows and how StackGuard and company works. I thought it was worth forwarding on for /any/ C++ programmer. It's not detailed, but it gives you some thoughts on what to keep an eye out for. Details, of course, come from reading /this/ list. =) -- Signal 11, BOFH to the UF list and malign.net Save the whales! Trade them for valuable prizes.
Current thread:
- Re: *BSD procfs vulnerability, (continued)
- Re: *BSD procfs vulnerability Theo de Raadt (Jan 23)
- stream.c/raped.c tests (just for stats) Vanja Hrustic (Jan 21)
- Microsoft Security Bulletin (MS00-004) Microsoft Product Security (Jan 21)
- Re: Vulnerabilities in Checkpoint FW-1 version 3.x and maybe 4.x Vanja Hrustic (Jan 22)
- Re: Vulnerabilities in Checkpoint FW-1 version 3.x and maybe 4.x Markus Hofmann (Jan 22)
- Administrivia Elias Levy (Jan 18)
- Info on some security holes reported against SCO Unixware. Aaron Sigel (Jan 13)
- ssh-proxy, a new approach to firewall software Magosanyi Arpad (Jan 13)
- Re: Hotmail security hole - injecting JavaScript using <IMG Ajax (Jan 11)
- Serious Bug in Corel Linux.(Local root exploit) tascon () ENETE GUI UVA ES (Jan 12)
- secure-programs howto Signal 11 (Jan 09)
- strace can lie ... but LTT might be handy Karim Yaghmour (Jan 09)
- 2nd attempt: AIX techlibss follows links Klaus.Kusche () OOE GV AT (Jan 10)
- NIS2k Bacano (Jan 11)
- Password issue in Axent ESM 5.0.1 Console Todd (Jan 12)
- Re: Password issue in Axent ESM 5.0.1 Console Scott Blake (Jan 14)
- Local / Remote D.o.S Attack in Super Mail Transfer Package (SMTP) Server for WinNT Version 1.9x Ussr Labs (Jan 13)
- Re: NIS2k Brad Griffin (Jan 13)
- Misleading sense of security in Netscape Craig Ruefenacht (Jan 13)
- Re: Misleading sense of security in Netscape Jefferson Ogata (Jan 18)
- New MySQL Available Scott (Jan 13)