http://www.kb.cert.org/vuls/id/654390
Apparently one of the new DHCP vulnerabilities stems from the following code found in a header file. #define vsnprintf(buf, size, fmt, list) vsprintf (buf, fmt, list) Why would any coder replace a more secure function with a less secure function? Personally I don't see any reason except to backdoor the software. If so, then is this evidence that ISC has been hacked and there backdoored? Are they keeping the incident quiet? Yeah I'm paranoid, but someone has to be ^_* __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
