Phill wrote:
What is AFAIR
AFAIK this means As Far As I Remember ;)
cu, gottfried
--
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
On Thu, 2005-04-07 at 09:22 +1000, Phill wrote:
OK. I did a bit of reading on the subject. Linux can be vulnerable to
buffer overrun attacks can't it? If not, why not?
Absolutely. Everything can be susceptible to these attacks if they are
written in a language that allows it, typically C.
Phill wrote:
I am also curious. How does this attack work? I understand the idea of
filling up a buffer with junk but then
As Gottfried said, on Linux it doesn't work, but on IIS it causes a
buffer overflow which then allows uncontrolled access for the exploit -
or something like that - I
Cc: slug@slug.org.au
Subject: Re: FW: [SLUG] Possible hacker Attempt
Phill wrote:
I am also curious. How does this attack work? I understand the idea of
filling up a buffer with junk but then
As Gottfried said, on Linux it doesn't work, but on IIS it causes a
buffer overflow which
attacks can't it? If not, why not?
Regards,
Phill
-Original Message-
From: Howard Lowndes [mailto:[EMAIL PROTECTED]
Sent: Thursday, 7 April 2005 7:30 AM
To: Phill
Cc: slug@slug.org.au
Subject: Re: FW: [SLUG] Possible hacker Attempt
Phill wrote:
I am also curious. How does this attack work? I
On Thu, Apr 07, 2005 at 09:48:48AM +1000, Howard Lowndes wrote:
My bad. Of course Linux apps can be just as badly written as M$ apps
and can have buffer overflows.
What I should have said is that this attempt at a buffer over flow does
not affect Apache.
Whilst Linux apps can be badly
Tks Tel, that is a brilliant explanation for someone like me who doesn't
know C from Z :)
[EMAIL PROTECTED] wrote:
On Thu, Apr 07, 2005 at 09:48:48AM +1000, Howard Lowndes wrote:
My bad. Of course Linux apps can be just as badly written as M$ apps
and can have buffer overflows.
What I should
On Thu, 7 Apr 2005, Phill wrote:
I am also curious. How does this attack work? I understand the idea of
filling up a buffer with junk but then
Basically a snapshot of a bit of memory might look like this after
processing the URL http://localhost/cgi-bin/?HELLO-WORLD
byte: content: