The 'Security Digest' Archives (TM)

Archive: About | Browse | Search | Contributions | Feedback
Site: Help | Index | Search | Contact | Notices | Changes

ARCHIVE: 'Phage List' - Archives (1988 - 1989)
DOCUMENT: phage #055 [Re: NNTP vulnerability] (1 message, 578 bytes)
NOTICE: recognises the rights of all third-party works.


From: [email protected] (Erik E. Fair)
To: phage
Date: Sat 16:33:30 05/11/1988 EST
Subject: Re: NNTP vulnerability
References: [Thread Prev: 052] [Thread Next: 053] [Message Prev: 057] [Message Next: 058]

Phil Lapsley <[email protected]> wrote the daemon (nntpd),
and since he has been one of the people "on the point" during this
mess, I submit that he is ideally qualified to tell us about it.
However, let's give him a little respite, eh?

If you want to do the analysis yourself, it should be relatively easy
(and you should do it for ALL network daemons, not just NNTP): look
for places in the code where the programmer is reading data from the
network without checking the bounds on his/her input buffer.

	Erik E. Fair	ucbvax!fair	[email protected]