Bugtraq mailing list archives
Re: EMERGENCY: new remote root exploit in UW imapd
From: kragen () POBOX COM (Kragen)
Date: Tue, 21 Jul 1998 12:27:58 -0400
On Sat, 18 Jul 1998, Niall Smart wrote:
The problem, as the original poster says, is that exercising option 3 is currently too difficult. The ANSI C string handling functions are simply error prone. With this in mind I begin about a month ago on a project to create a string handling library which makes buffer management significantly easier, while still maintaining an acceptable level of efficiency and supporting common C programming idioms. There are other interfaces, such as file access which are also error prone to a degree which I am also looking at. I haven't had the time to spend as much time on this project as I would have liked but I should get it released before the end of the summer at which time I'll post an announcement here. The code will be under a BSD style copyright.
Dan Bernstein, who wrote qmail, has already done all of this. He might be persuaded to let others use his library under a BSD-style copyright. qmail uses no standard C library functions, other than syscalls, if I remember correctly. Kragen
Current thread:
- Re: Bounds Checking, (continued)
- Re: Bounds Checking Ari Heitner (Jul 21)
- Re: Bounds Checking Andrew McNaughton (Jul 21)
- Re: EMERGENCY: new remote root exploit in UW imapd Andy Church (Jul 17)
- Re: EMERGENCY: new remote root exploit in UW imapd Kragen (Jul 21)
- Re: EMERGENCY: new remote root exploit in UW imapd Craig Spannring (Jul 21)
- Re: EMERGENCY: new remote root exploit in UW imapd Kragen (Jul 21)
- Re: EMERGENCY: new remote root exploit in UW imapd matt (Jul 17)
- Re: EMERGENCY: new remote root exploit in UW imapd Niall Smart (Jul 17)
- Bounds checking - historical aside Russell Fulton (Jul 20)
- Re: Bounds checking - historical aside Brett Glass (Jul 21)
- Re: EMERGENCY: new remote root exploit in UW imapd Alex Belits (Jul 20)
- Re: EMERGENCY: new remote root exploit in UW imapd Kragen (Jul 21)
- Bounds checking - historical aside Russell Fulton (Jul 20)
- Re: EMERGENCY: new remote root exploit in UW imapd Allen Smith (Jul 20)
- Re: EMERGENCY: new remote root exploit in UW imapd Allanah Myles (Jul 20)
- Re: EMERGENCY: new remote root exploit in UW imapd Dave Andersen (Jul 21)
- Re: EMERGENCY: new remote root exploit in UW imapd Jim Greene (Jul 21)
- Re: EMERGENCY: new remote root exploit in UW imapd Peter Jeremy (Jul 21)
- Re: EMERGENCY: new remote root exploit in UW imapd IBS / Andre Oppermann (Jul 21)
- Re: EMERGENCY: new remote root exploit in UW imapd Kragen (Jul 22)
- Re: EMERGENCY: new remote root exploit in UW imapd Adam Shostack (Jul 23)
- Security Bulletins Digest vtmue () HEAVEN RUF UNI-FREIBURG DE (Jul 23)
- Apache 1.3.1 Released! Aleph One (Jul 23)
- Re: EMERGENCY: new remote root exploit in UW imapd Kragen (Jul 22)