[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[WEB SECURITY] Re: Re: Jeremiah Grossman writes about buffer overflow myths

From: "ol" <ol@xxxxxxxxx>
Subject: [WEB SECURITY] Re: Re: Jeremiah Grossman writes about buffer overflow myths
Date: Mon, 20 Mar 2006 12:01:37 -0000

> Have you got any examples of these in Perl?
>

I am not aware of any generic Perl overflow conditions other than perls
sprintf [1] . This was discovered in part due to the Sys::Syslog problem
which was originally discussed in two advisories from Dyad [2] [3].

[1] http://use.perl.org/article.pl?sid=05/12/15/0916221&from=rss
[2] http://dyadsecurity.com/webmin-0001.html
[3] http://dyadsecurity.com/perl-0002.html




---------------------------------------------------------------------
The Web Security Mailing List
http://www.webappsec.org/lists/websecurity/

The Web Security Mailing List Archives
http://www.webappsec.org/lists/websecurity/archive/

References:
- RE: [WEB SECURITY] Re: Jeremiah Grossman writes about buffer overflow myths
  - From: Mark Mcdonald

Prev by Date: Re: [WEB SECURITY] How to Create Secure Web Applications with Struts
Next by Date: [WEB SECURITY] Interesting University Security Weakness
Previous by thread: RE: [WEB SECURITY] Re: Jeremiah Grossman writes about buffer overflow myths
Next by thread: [WEB SECURITY] SQL Injecting RFID Readers
Index(es):
- Date
- Thread

Brought to you by http://www.webappsec.org