Date: Fri, 8 Dec 2000 18:10:39 -0600 (CST) From: Mike Silbersack <silby@silby.com> To: Will Andrews <will@physics.purdue.edu> Cc: freebsd-audit@FreeBSD.ORG Subject: Re: bitchx/ircd DNS overflow demonstration (fwd) Message-ID: <Pine.BSF.4.21.0012081802200.24534-100000@achilles.silby.com> In-Reply-To: <20001208190004.S572@puck.firepipe.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 8 Dec 2000, Will Andrews wrote: > Err, this is out of the list's charter IMO. We're only here to audit > code in FreeBSD itself. > > Anyone want to clarify the charter? Actually, I don't see any charter > anywhere.. I was motivated to send this over to -audit due to the format string problem. Soon after the first one was exploited in BitchX (or was it something else?), it was found that a bunch were present in the base system as well. I figure that such DNS problems could be present in the base system as well, hence the info contained in the advisory would be useful to auditers. In any case, if you've already audited the handling of DNS in programs in the FreeBSD base system, I apologize. The info the advisory is clearly useless to you. Mike "Silby" Silbersack To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0012081802200.24534-100000>