On Sat, 25 Mar 2006 04:39:11 +0200, Gadi Evron <[EMAIL PROTECTED]> wrote:
>
> [EMAIL PROTECTED] wrote:
> > Well, it *is* mostly a theoretical overflow - for it to work, a site would
> > have to:
>
> Exploit is out there. How long did that take?
>
Is the exploit actually effective in the wild? The conditions Valdis
spoke of are improbable -- are there actually vulnerable sites? Or is
the attack much easier than he had indicated?
--Steven M. Bellovin, http://www.cs.columbia.edu/~smb
