Hello, On Thu, Oct 24, 2002 at 12:16:23AM +0100, Steve Kemp wrote: > I've recently started downloading and auditing some of the package > sources of random packages which are installed upon the Debian servers > at my workplace; with a view to looking for security holes. I think that this is a very valuable work. Thank you! > Out of the three packages that I've examined thus far I've found one > package to be wonderfully written, one to be remotely exploitable[1] > and one to crash with a little bit of environmental tweaking[2]. Whatever you choose to do about the vulnerable packages, you should send some praise to the author of the "wonderfully written" program :-) Jochen -- Omm (0)-(0) http://www.mathematik.uni-kl.de/~wwwstoch/voss/privat.html
Attachment:
pgpqqaH3Y_6vG.pgp
Description: PGP signature