Full Disclosure mailing list archives

Re: 18th anniversary of Internet worm a.k.a. Morris worm

From: Georgi Guninski <guninski () guninski com>
Date: Fri, 3 Nov 2006 19:24:31 +0200

my question was:

when was the first provable *public* (as in common sense) announcement of the
exploitability of buffer overflows.

didn't mean to underestimate the morris worm.

On Fri, Nov 03, 2006 at 08:21:37AM -0800, Blue Boar wrote:

Valdis.Kletnieks () vt edu wrote:

I have to conclude that before that, buffer overflows weren't even well
known *inside* the security community, much less outside in the wider
programming community.


They were known and exploited by 1972, in at least some communities.
http://csrc.nist.gov/publications/history/ande72.pdf
Pages 44 and 45.
http://osvdb.org/blog/?p=77

                                        BB
EOM



















_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

18th anniversary of Internet worm a.k.a. Morris worm morrisworm.com (Nov 02)
- Re: 18th anniversary of Internet worm a.k.a. Morris worm Riad S. Wahby (Nov 02)
- Re: 18th anniversary of Internet worm a.k.a. Morris worm Georgi Guninski (Nov 03)
  - Re: 18th anniversary of Internet worm a.k.a. Morris worm deep fried (Nov 03)
  - Re: 18th anniversary of Internet worm a.k.a. Morris worm Valdis . Kletnieks (Nov 03)
    - Re: 18th anniversary of Internet worm a.k.a. Morris worm Valdis . Kletnieks (Nov 03)
    - Re: 18th anniversary of Internet worm a.k.a. Morris worm Blue Boar (Nov 03)
    - Re: 18th anniversary of Internet worm a.k.a. Morris worm Georgi Guninski (Nov 03)
    - Re: 18th anniversary of Internet worma.k.a. Morris worm Dave "No, not that one" Korn (Nov 12)
    - Re: 18th anniversary of Internet worma.k.a. Morris worm Valdis . Kletnieks (Nov 12)
    - Re: 18th anniversary of Internet worma.k.a.Morris worm Dave "No, not that one" Korn (Nov 13)