Re: a holiday gift from Robert "wormer" Morris


John B. Nagle (glacier!jbn@labrea.stanford.edu)
7 Nov 88 02:27:19 GMT


In article <24@jove.dec.com> vixie@decwrl.dec.com (Paul Vixie) writes:
>The bug in fingerd was a big surprise, though. Overwriting a stack frame
>on a remote machine with executable code is One Very Neat Trick.

       Yes. But not all that uncommon, given classical C's rather casual
approach to array sizing. "login" in V6 UNIX could be broken by submitting
very long, suitably constructed passwords.

                                        John Nagle



This archive was generated by hypermail 2.0b3 on Thu Mar 09 2000 - 14:44:29 GMT