Hello,
On Thu, Oct 24, 2002 at 12:16:23AM +0100, Steve Kemp wrote:
> I've recently started downloading and auditing some of the package
> sources of random packages which are installed upon the Debian servers
> at my workplace; with a view to looking for security holes.
I think that this is a very valuable work. Thank you!
> Out of the three packages that I've examined thus far I've found one
> package to be wonderfully written, one to be remotely exploitable[1]
> and one to crash with a little bit of environmental tweaking[2].
Whatever you choose to do about the vulnerable packages,
you should send some praise to the author of the "wonderfully
written" program :-)
Jochen
--
Omm
(0)-(0)
http://www.mathematik.uni-kl.de/~wwwstoch/voss/privat.html
Attachment:
pgpqqaH3Y_6vG.pgp
Description: PGP signature