Vulnerability Development mailing list archives
Re: Sun Sep 9 01:46:40 2001 GMT
From: Joseph Mallett <jmallett () NewGold NET>
Date: Wed, 29 Aug 2001 16:55:41 +0000
It will affect people who use braindead sorting algorithms in things like perl to sort dates in unix time() format. I guarantee it will be a bigger problem than Y2K, but that is not saying much at all. On Wed, Aug 29, 2001 at 11:03:30AM +0200, Ríkharður Egilsson wrote:
Has anybody done any research in what production systems (web, mail- servers, OSes etc) might have a problem at : perl -e 'print localtime(1000000000) . "\n";' The only thing I have found, so far, is this (old) version of KMail : http://dot.kde.org/985599243/ The whole issue, and the absense of any discussion, looks like either, (1) A disaster just waiting to happen or (2) A non-problem. Personally my wote is for (2). For vulnerable systems, there might be a problem if the system accepts dates from users and a user enters a date after September 9th 2001. (buffer overflow ?) -- Ríkharður Egilsson - Networking/Security EXD/ITN/CCO OECD/OCDE - Organisation for Economic Co-operation and Development
-- -- Joseph A. Mallett http://srcsys.org xMach Core Team, www.xMach.org
Current thread:
- Sun Sep 9 01:46:40 2001 GMT Ríkharður Egilsson (Aug 29)
- Re: Sun Sep 9 01:46:40 2001 GMT Joseph Mallett (Aug 29)