Steven M. Bellovin wrote:
On Sat, 25 Mar 2006 04:39:11 +0200, Gadi Evron <[EMAIL PROTECTED]> wrote:
[EMAIL PROTECTED] wrote:
Well, it *is* mostly a theoretical overflow - for it to work, a site would have
to:
Exploit is out there. How long did that take?
Is the exploit actually effective in the wild? The conditions Valdis
spoke of are improbable -- are there actually vulnerable sites? Or is
the attack much easier than he had indicated?
There are two exploit code samples I saw. There are two remote exploits
for one of them so far that are public that I know of.
I haven't seen any exploited sites yet.
