Firewall Wizards mailing list archives
Re: Buffer Overruns
From: "Ryan Russell" <Ryan.Russell () sybase com>
Date: Fri, 17 Dec 1999 16:43:24 -0800
I really feel silly asking this, but; Can these buffer overrun bugs penetrate firewalls?
Absolutely. Client-side holes are all the rage nowadays.
I'm trying to convince the boss to ditch IE in favor of Netscape. (which is only slightly better)
It galls me to say this, but IE is better than Netscape at present.
I might be willing to believe that IE has more problems than
Netscape, but Microsoft has gotten very good at producing
timely patches, while Netscape has stopped producing patches
at all.
If you can't get it right the first time (and clearly MS and Netscape can't)
then the next most important factor is how quick you can patch. The
windowsupdate site is also the best way I've seen to distribute patches
to Joe User as well.
I only hope that Mozilla goes release soon, and is popular and usable.
I'd love to be able to send a source patch with the next browser bug
I find, and I'm sure that's the case with others too.
Ryan
Current thread:
- Buffer Overruns Michael Kelly (Dec 17)
- Re: Buffer Overruns Joseph S D Yao (Dec 18)
- Re: Buffer Overruns Marcus J. Ranum (Dec 18)
- Re: Buffer Overruns Crispin Cowan (Dec 18)
- Re: Buffer Overruns Michael Kelly (Dec 20)
- Re: Buffer Overruns Matt Curtin (Dec 18)
- Re: Buffer Overruns Frederick M Avolio (Dec 20)
- RE: Buffer Overruns Michael D. Hunter-Linville (Dec 21)
- Re: Buffer Overruns Saravana Ram (Dec 24)
- Re: Buffer Overruns Frederick M Avolio (Dec 20)
- <Possible follow-ups>
- Re: Buffer Overruns Ryan Russell (Dec 18)
- Re: Buffer Overruns Steven M. Bellovin (Dec 18)
- Re: Buffer Overruns Vin McLellan (Dec 20)
- Re: Buffer Overruns Joseph S D Yao (Dec 21)
- OT - Rant on State of S/w Engr (was Re: Buffer Overruns) Lim Wei Siong Vincent (Dec 22)
- Re: OT - Rant on State of S/w Engr (was Re: Buffer Overruns) Joseph S D Yao (Dec 23)
- Re: Buffer Overruns Joseph S D Yao (Dec 21)
- Re: Buffer Overruns Crispin Cowan (Dec 21)