[WEB SECURITY] Re: Re: Jeremiah Grossman writes about buffer overflow myths

ol ol at uncon.org
Mon Mar 20 07:01:37 EST 2006


> Have you got any examples of these in Perl?
>

I am not aware of any generic Perl overflow conditions other than perls
sprintf [1] . This was discovered in part due to the Sys::Syslog problem
which was originally discussed in two advisories from Dyad [2] [3].

[1] http://use.perl.org/article.pl?sid=05/12/15/0916221&from=rss
[2] http://dyadsecurity.com/webmin-0001.html
[3] http://dyadsecurity.com/perl-0002.html




---------------------------------------------------------------------
The Web Security Mailing List
http://www.webappsec.org/lists/websecurity/

The Web Security Mailing List Archives
http://www.webappsec.org/lists/websecurity/archive/



More information about the websecurity mailing list