Ackerman
[EMAIL PROTECTED]
Sent by:
The IBM z/VM
Operating System IBMVM@LISTSERV.UARK.EDU
07/20/2006 01:40 AM
Please respond to The IBM z/VM Operating
System IBMVM@LISTSERV.UARK.EDU
From
Alan Ackerman [EMAIL PROTECTED]
To
IBMVM@LISTSERV.UARK.EDU
cc
Subject
Re: OSA Express, ZVM TCPIP
On Thursday, 07/20/2006 at 12:40 EST, Alan Ackerman
[EMAIL PROTECTED] wrote:
To the extent that large parts of the VM TCP/IP stack are written in C,
the
exposure exists. I'm
sure that IBM is well aware of this, and I hope they have found and
plugged all
such holes, but there can be no
ET (Eric Thomas, the author of the Revised LISTSERV) told me on VMSHARE m
any, many years ago
that the underlying cause of most buffer overruns is the C language. The
basic concept of moving
characters until you find a x'00' (or CR or LF) will ALWAYS lead to buffe
r overruns. (A number of
the
, 2006 5:11 PM
To: IBMVM@LISTSERV.UARK.EDU
Subject:Re: OSA Express, ZVM TCPIP, and Security
What's wrong with the truth? Mainframe code was written
by professionals in an architecture that doesn't support
such nonsense?
From: Rob van der Heij [EMAIL PROTECTED]
On 7/6/06, Schuh
--- Hughes, Jim - OIT [EMAIL PROTECTED] wrote:
One of the management types near me is concerned
about TCPIP buffer
overrun security exposure on our ZVM 5.2 Z890
system.
I am not an expert with windows and linux tcpip
security exposures. The
management type is windows and linux fluent.
On Thursday, 07/06/2006 at 04:21 MST, Dave Wade [EMAIL PROTECTED] wrote:
--- Hughes, Jim - OIT [EMAIL PROTECTED] wrote:
Should I be concerned with buffer overrun security
exposures?
Despite what others say I personally have seen buffer
run security exposures in the VSCS SNA console
One of the management types near me is concerned about TCPIP buffer
overrun security exposure on our ZVM 5.2 Z890 system.
Should I be concerned with buffer overrun security exposures? If I
should not be concerned, how would I go about giving comfort to the
concerned management types?
1) The
On: Wed, Jul 05, 2006 at 04:15:04PM -0400,David Boyes Wrote:
} One of the management types near me is concerned about TCPIP buffer
} overrun security exposure on our ZVM 5.2 Z890 system.
} Should I be concerned with buffer overrun security exposures? If I
} should not be concerned, how would
Subject:Re: OSA Express, ZVM TCPIP, and Security
On: Wed, Jul 05, 2006 at 04:15:04PM -0400,David Boyes Wrote:
} One of the management types near me is concerned about TCPIP buffer
} overrun security exposure on our ZVM 5.2 Z890 system.
} Should I be concerned with buffer overrun security