On Sun, 30 Jun 2002 02:23:53 -0700, bernie wrote:
> Glenn wrote:
>> Sure, you can "overflow" any web browser.
>> But that's not a virus or a worm.
>> AFAIK,
>> Causing an "overflow" can't damage anything on the
>> recipients computer system.
> Hmm... perhaps I should take you up on the challenge you mentioned in another po
> just to get a free meal ;-)
> An overflow is distasterous from a security point of view. The first Internet wo
> instance used an overflow bug, that was known, in sendmail.
> It wouldn't be too dificult for me (that have the source code to Arachne) to see
> length of a buffer (any buffer) and trick you somehow to overflow it. For instan
> (not from the code of course):
> void someFunction(char *inBuf)
> {
> char buf[64];
> strcpy(buf, inBuf);
> Now if the buffer is overrun the code following buf in memmory will be run inste
> what the programmer planned. Of course using strncpy(buf, inBuf, 64); instead wi
> make it safe (and so has Michael done - but I'm not 100% certain it's everywhere
> even if Arachne would be safe against this, what says that the packetdriver (you
> using LSPPP AFAIK) is written in this way? Or WatTCP? or Lopif? So there are pos
> security holes, I'm not saying that they are there, but they could be.
> Besides, taking your bet is really useless, I can just as easily bet that noone
> get into my sisters Windows 95 machine that lacks a firewall. Why? Well, I'll ju
> leave it unconnected to the Internet ;-)
>> And it most certainly can't be spread around the web and email system
>> without the person who received it intentionally re-sending it.
> How so? As long as the buffer don't overrun WatTCP and the packetdriver (unless
> very small fraction) it can send it self away just as easily as you send mail yo
> - and you wouldn't notice.
> //Bernie
Uh oh....
Bernie knows too much.
He just might be able to win.
He's not allowed to play this game. ;-)
Michael isn't allowed to play either. ;-)
He *would* win.
BTW,
It's good to hear from you again Bernie.
How have you been?
--
Glenn
http://arachne.cz/
http://www.delorie.com/listserv/mime/
http://www.angelfire.com/id/glenndoom/download.htm
http://www.thispagecannotbedisplayed.com/
