Bugtraq mailing list archives

Re: patch for qpopper remote exploit bug

From: smw () alcor concordia ca (Steven Winikoff)
Date: Mon, 29 Jun 1998 12:26:04 -0400


It certainly can. :-(

Basically I was in too much of a hurry and misread the NetBSD man page
for vsnprintf(), leading me to write a nice implementation (well, I
think so :-) of an entirely incorrect design. :-(

Incidentally, when that was first pointed out to me I attempted to say
so on Bugtraq, in order to prevent further confusion; unfortunately that
reply doesn't seem to have made it out to the list.

I apologize for wasting your time, but I do appreciate your polite and
helpful reply. :-)

     - Steven
________________________________________________________________________
Steven Winikoff                | "The difference between the right word
Concordia University           |  and the nearly right word is the
Montreal, QC, Canada           |  difference between the lightning and
smw () alcor concordia ca         |  the lightning bug."
http://alcor.concordia.ca/~smw |                            - Mark Twain

Current thread:

Re: patch for qpopper remote exploit bug Steven Winikoff (Jun 28)
- <Possible follow-ups>
- Re: patch for qpopper remote exploit bug Ben Laurie (Jun 28)
- Re: patch for qpopper remote exploit bug Johan Danielsson (Jun 28)
- Re: patch for qpopper remote exploit bug Steven Winikoff (Jun 29)
- Re: patch for qpopper remote exploit bug Kev (Jun 29)
  - Re: patch for qpopper remote exploit bug David DeSimone (Jun 30)
  - SECURITY: too many new packages twiztah (Jun 30)
    - Environment variables (SECURITY: too many new packages) Alan Cox (Jun 29)
    - Qualcomm's qpopper 2.5 Aleph One (Jun 30)