Hi Mark,

: The adolescent minds that engage in "exploits" wouldn't know COBOL if a 
: printout fell out a window and onto their heads.  I'm sure you can write 
: COBOL programs that crash, but it must be hard to make them take control 
: of the operating system.  COBOL programs are heavy into unit record 
: equipment (cards, line printers), tape files, disk files, sorts, merges, 
: report writing -- all the stuff that came down to 1959-model mainframes 
: from tabulating equipment.  They don't do Internet.  What they could do 
: and have done is incorporate malicious code that exploits rounding error 
: such that many fractional pennies end up in a conniving programmer's 
: bank account.

I'd love for you to show me such exploits, specifically citing the OS 
and/or affected programs *with* a public reference. =)

Disclosure Date Range: 1960-01-01 to 1979-01-01

Please, help me add to the collection =) Many of these were uncovered by 
my own personal interest/research along with a few contributers to my 
challenge to find the oldest documented vulnerability: 


Secure Coding mailing list (SC-L) SC-L@securecoding.org
List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l
List charter available at - http://www.securecoding.org/list/charter.php
SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com)
as a free, non-commercial service to the software security community.

Reply via email to