Re: Remote count.cgi exploit mods

From: Gus (angusat_private)
Date: Tue Jul 14 1998 - 08:54:46 PDT

    Hi,
    
    I wrote to the author of wwwcount, including the bugtraq traffic messages
    and asking "The question is simply whether there is a secure version 2.3,
    or should all users move to 2.4."
    
    
    ---------- Forwarded message ----------
    Date: Tue, 14 Jul 1998 10:50:28 -0400 (EDT)
    From: ma_muquitat_private
    To: angusat_private
    Subject: Re: SECURITY: wwwcount
    
    
    Everyone should use 2.4. I tried my best to scrutinize 2.4 as much as I
    can for all possible buffer overflow (and other security) problems.
    Note, I update the distribution occasionally. It was last updated:
    May-09-1998.
    
    Version 2.3 archive available from the web page has the fix for the
    buffer overflow (in getenv() call). But it might have other problems, so
    everyone should use 2.4.
    
    The official counter page is at URL:
        http://www.fccc.edu/users/muquit/Count.html
    
    Take care!
    
    --
    Muhammad A Muquit, ma_muquitat_private, http://www.fccc.edu/users/muquit/
    


