In article <[EMAIL PROTECTED]>, Norbert Warmuth <[EMAIL PROTECTED]> wrote: > An off-by-one error, hardly to exploit especially since the value written > is always '\0'. Relying on that to protect you may not be prudent. See http://www.geog.ubc.ca/snag/bugtraq/msg03213.html for an example of an off-by-one error which only allowed to write a '\0' yet was exploited in the field (!).
- Re: ... / wu-ftpd <=2.5 / ... Volker Borchert
- Re: ... / wu-ftpd <=2.5 / ... Gregory A Lundberg
- Re: ... / wu-ftpd <=2.5 / ... Jason Downs
- Re: [Linux] glibc 2.1.x / wu-ftpd <=2.5 / BeroFTPD /... Michael K. Johnson
- Re: [Linux] glibc 2.1.x / wu-ftpd <=2.5 / BeroF... Michal Zalewski
- Re: [Linux] glibc 2.1.x / wu-ftpd <=2.5 / BeroFTPD /... Michael K. Johnson
- Re: [Linux] glibc 2.1.x / wu-ftpd <=2.5 / BeroF... Michal Zalewski
- Re: [Linux] glibc 2.1.x / wu-ftpd <=2.5 / BeroFTPD /... Olaf Kirch
- Re: [Linux] glibc 2.1.x / wu-ftpd <=2.5 / BeroF... Benjamin Smee
- Re: [Linux] glibc 2.1.x / wu-ftpd <=2.5 / BeroFTPD /... Norbert Warmuth
- Re: [Linux] glibc 2.1.x / wu-ftpd <=2.5 / BeroF... David Wagner
- Re: [Linux] glibc 2.1.x / wu-ftpd <=2.5 / BeroF... Norbert Warmuth