Re: Passwd encrytion
Wichert Akkerman <wichert@cs.leidenuniv.nl> writes:
> [1 <text/plain; us-ascii (quoted-printable)>]
> Previously Brandon Mitchell wrote:
> > It would be crazy to try to decrypt the passwords when it's so easy to
> > exploit simple buffer overflows like the following one:
> >
> > echo "I jnag gb penpx ebbg. Pyrnfr erzbir zl nppbhag." | tr n-za-m a-z |
> > mailx root
>
> Now before people start mailing security@debian.org suddenly: this
> overflow has already been fixed.
Wouldn't it be more accurate to say that this exploit is
self-correcting?
I like it, though - I'm going to have to file that answer away as a
standard response to the script-kiddies...
Reply to: