> -----Original Message-----
> From: Neil Conway [mailto:[EMAIL PROTECTED]] 
> Sent: Monday, August 19, 2002 10:48 PM
> To: Dann Corbit
> Cc: Neil Conway; Mark Pritchard; Justin Clift; Tom Lane; 
> Christopher Kings-Lynne; [EMAIL PROTECTED]
> Subject: Re: [HACKERS] @(#) Mordred Labs advisory 0x0001: 
> Buffer overflow in
> 
> 
> "Dann Corbit" <[EMAIL PROTECTED]> writes:
> > I read (in some other message) that this buffer overrun problem has 
> > been known for a very, very long time.
> 
> No, the problem you're referring to (cash_out() and friends) 
> is *not* a buffer overrun.

I did miss the one message that said it was not a buffer overrun (I just
got back from vacation, sorry).

However, if it *can* crash the server, that sounds pretty important to
me.  Another message in this thread seemed to indicate that security was
not a major focus (lagging behind adding new features).  I do hope that
is not true.

---------------------------(end of broadcast)---------------------------
TIP 2: you can get off all lists at once with the unregister command
    (send "unregister YourEmailAddressHere" to [EMAIL PROTECTED])

Reply via email to