The 'Security Digest' Archives (TM)

Archive: About | Browse | Search | Contributions | Feedback
Site: Help | Index | Search | Contact | Notices | Changes

ARCHIVE: 'Phage List' - Archives (1988 - 1989)
DOCUMENT: phage #162 [fingerd bug] (1 message, 468 bytes)
SOURCE: http://securitydigest.org/exec/display?f=phage/archive/162.txt&t=text/plain
NOTICE: securitydigest.org recognises the rights of all third-party works.

START OF DOCUMENT

From: page@swan.ulowell.edu (Bob Page)
To: phage
Date: Tue 12:22:52 08/11/1988 EST
Subject: fingerd bug
References: [Thread Prev: 149] [Thread Next: 179] [Message Prev: 155] [Message Next: 408]

The summary/report I sent out yesterday wasn't clear about this because
I didn't know (I haven't actually seen the virus).  Chris Torek filled
me in on some details, including this:

	The fingerd hole works by writing machine code into
	the buffer that is overflowed; obviously, this technique
	is machine-dependent.  Probably if he had had Sun code
	he would have chosen which to try at random.

..Bob

END OF DOCUMENT