Re: Backport of the integer overflow in the brk system call
On Tue, 2003-12-02 at 17:31, Tom wrote:
> On Tue, Dec 02, 2003 at 11:06:44PM +0800, Isaac To wrote:
> > rather far from changing anything in the kernel memory. Andreas is
> > definitely right that the hole doesn't look like that it is that dangerous.
> It messed up your life for a couple weeks.
> Jesus, it's not the end of the world, but that's the way Microsoft (used
> to | still) thinks.
> If it wasn't a big deal we wouldn't be talking about it. It shut down
> servers. It's dangerous enough.
Of course it is a dangerous hole. As you say that has already been
But the point was that it didn't _look_ dangerous when the bug was
discovered. Had it looked dangerous, a security update would have been