Firewall Wizards mailing list archives

Re: Buffer Overruns

From: Joseph S D Yao <jsdy () cospo osis gov>
Date: Fri, 17 Dec 1999 16:06:52 -0500

On Fri, Dec 17, 1999 at 06:16:32AM -0500, Michael Kelly wrote:

 I really feel silly asking this, but;
 Can these buffer overrun bugs penetrate firewalls? I'm trying to
convince the boss to ditch IE in favor of Netscape. (which is only
slightly better)


Yes, unless it is a proxied firewall that specifically looks for and
excludes them.  I believe some of the code that "breaks" complex HTTP in
old FWTK was there to protect browsers in just such cases.  Of course,
because it "breaks" some code, the users don't want that protection ...

-- 
Joe Yao                         jsdy () cospo osis gov - Joseph S. D. Yao
COSPO/OSIS Computer Support                                     EMT-B
-----------------------------------------------------------------------
This message is not an official statement of COSPO policies.

Current thread:

Buffer Overruns Michael Kelly (Dec 17)
- Re: Buffer Overruns Joseph S D Yao (Dec 18)
- Re: Buffer Overruns Marcus J. Ranum (Dec 18)
- Re: Buffer Overruns Crispin Cowan (Dec 18)
  - Re: Buffer Overruns Michael Kelly (Dec 20)
- Re: Buffer Overruns Matt Curtin (Dec 18)
  - Re: Buffer Overruns Frederick M Avolio (Dec 20)
    - RE: Buffer Overruns Michael D. Hunter-Linville (Dec 21)
    - Re: Buffer Overruns Saravana Ram (Dec 24)
- <Possible follow-ups>
- Re: Buffer Overruns Ryan Russell (Dec 18)
- Re: Buffer Overruns Steven M. Bellovin (Dec 18)
- Re: Buffer Overruns Vin McLellan (Dec 20)

(Thread continues...)