Secure Coding mailing list archives
COBOL Exploits
From: mrockman at acm.org (Mark Rockman)
Date: Fri, 02 Nov 2007 00:13:37 -0400
The adolescent minds that engage in "exploits" wouldn't know COBOL if a printout fell out a window and onto their heads. I'm sure you can write COBOL programs that crash, but it must be hard to make them take control of the operating system. COBOL programs are heavy into unit record equipment (cards, line printers), tape files, disk files, sorts, merges, report writing -- all the stuff that came down to 1959-model mainframes from tabulating equipment. They don't do Internet. What they could do and have done is incorporate malicious code that exploits rounding error such that many fractional pennies end up in a conniving programmer's bank account. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://krvw.com/pipermail/sc-l/attachments/20071102/81148c01/attachment.html
Current thread:
- COBOL Exploits Mark Rockman (Nov 01)
- COBOL Exploits security curmudgeon (Nov 02)
- COBOL Exploits ljknews (Nov 02)
- COBOL Exploits Leichter, Jerry (Nov 02)
- COBOL Exploits Kenneth Van Wyk (Nov 02)
- <Possible follow-ups>
- COBOL Exploits Peter G. Neumann (Nov 02)
- COBOL Exploits Andrew van der Stock (Nov 17)