my question was: when was the first provable *public* (as in common sense) announcement of the exploitability of buffer overflows.
didn't mean to underestimate the morris worm. On Fri, Nov 03, 2006 at 08:21:37AM -0800, Blue Boar wrote: > [EMAIL PROTECTED] wrote: > >I have to conclude that before that, buffer overflows weren't even well > >known *inside* the security community, much less outside in the wider > >programming community. > > They were known and exploited by 1972, in at least some communities. > http://csrc.nist.gov/publications/history/ande72.pdf > Pages 44 and 45. > http://osvdb.org/blog/?p=77 > BB EOM _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
