Firewall Wizards mailing list archives
Re: Buffer Overruns
From: Matt Curtin <cmcurtin () interhack net>
Date: 17 Dec 1999 22:20:02 -0500
On Fri, 17 Dec 1999 06:16:32 -0500, Michael Kelly <michaelkelley () home com> said:
Michael> I really feel silly asking this, but; Can these buffer Michael> overrun bugs penetrate firewalls? I'm trying to convince the Michael> boss to ditch IE in favor of Netscape. (which is only Michael> slightly better) A buffer overrun problem is possible anytime that something can give more input than the listener is expecting and will properly handle. That means it will traverse all protocols, network architecture components, applications, platforms, etc., that are in the middle. If the source of the data can give more than the receiver can reasonably handle, it's vulnerable. A firewall will offer no protection. -- Matt Curtin cmcurtin () interhack net http://www.interhack.net/people/cmcurtin/
Current thread:
- Buffer Overruns Michael Kelly (Dec 17)
- Re: Buffer Overruns Joseph S D Yao (Dec 18)
- Re: Buffer Overruns Marcus J. Ranum (Dec 18)
- Re: Buffer Overruns Crispin Cowan (Dec 18)
- Re: Buffer Overruns Michael Kelly (Dec 20)
- Re: Buffer Overruns Matt Curtin (Dec 18)
- Re: Buffer Overruns Frederick M Avolio (Dec 20)
- RE: Buffer Overruns Michael D. Hunter-Linville (Dec 21)
- Re: Buffer Overruns Saravana Ram (Dec 24)
- Re: Buffer Overruns Frederick M Avolio (Dec 20)
- <Possible follow-ups>
- Re: Buffer Overruns Ryan Russell (Dec 18)
- Re: Buffer Overruns Steven M. Bellovin (Dec 18)
- Re: Buffer Overruns Vin McLellan (Dec 20)
- Re: Buffer Overruns Joseph S D Yao (Dec 21)
- OT - Rant on State of S/w Engr (was Re: Buffer Overruns) Lim Wei Siong Vincent (Dec 22)
- Re: OT - Rant on State of S/w Engr (was Re: Buffer Overruns) Joseph S D Yao (Dec 23)
- Re: Buffer Overruns Joseph S D Yao (Dec 21)
- Re: Buffer Overruns Crispin Cowan (Dec 21)