1995-09-19 - Re: NYT on Netscape Crack

Header Data

From: Adam Shostack <adam@homeport.org>
To: sameer <sameer@c2.org>
Message Hash: 46ef3f7c7715a0a7d2059ebefebfa73e22fbb83de7a8e2c2102c61c23ada6974
Message ID: <199509191349.JAA04365@homeport.org>
Reply To: <199509190713.AAA01128@infinity.c2.org>
UTC Datetime: 1995-09-19 13:49:50 UTC
Raw Date: Tue, 19 Sep 95 06:49:50 PDT

Raw message

From: Adam Shostack <adam@homeport.org>
Date: Tue, 19 Sep 95 06:49:50 PDT
To: sameer <sameer@c2.org>
Subject: Re: NYT on Netscape Crack
In-Reply-To: <199509190713.AAA01128@infinity.c2.org>
Message-ID: <199509191349.JAA04365@homeport.org>
MIME-Version: 1.0
Content-Type: text/plain



| 	Buffer overflow seems like a much greater concern when dealing
| with a server. Particularly one which is supposedly "secure", and
| accessing "secured" documents. Even with the server running as
| 'nobody' if someone can implement buffer overflow to get access to
| documents they shouldn't then that would count as a pretty significant
| hack.

	Don't forget system(), which was a major source of holes in the NCSA server.  
Also, CGI scripts, especially those that run under perl or sh, would be a good 
place to look for holes.  Don't forget to see what happens when you put 
semi-colons in the data field of various fields, such as mailto:'s.

Adam
-- 

"It is seldom that liberty of any kind is lost all at once."
					               -Hume







