Re: [linux-security] Linux NetKit-B update.

[jsdy () cais cais com (Joseph S. D. Yao)]

> 6. Buffer overflow in ping mentioned yesterday, but it's not on the
> stack and consequently probably not exploitable. Patch: use snprintf.

Stack vs. heap is irrelevant.  The V6 'login' overrun bug was in data
space, rather than on the stack, and it gave a very nice way to log in
as root.

No, I don't remember the exact character string to enter ...    ;-)

Joe Yao                         jsdy () cais com - Joseph S. D. Yao