The overflow in locate was reported to bugtraq at least on 3/6/98 by Michal Zalewski (http://www.geek-girl.com/bugtraq/1998_1/0351.html). It's probably also worth noting the promiscuous thread has been discussed numerous times before; the particular method in this thread was noted on comp.security.unix by Stefan Schmidt on 10/19/97, although I don't believe it was even new at that time (but I don't have an earlier reference). It might be worthwhile to the whole bugtraq community if people were to do at least a cursory search on a bugtraq and usenet archive, and if there has been relevant material to provide references to the prior published work and limit their comments to that which is new. Places to research your posts include: (http://www.geek-girl.com/bugtraq/search.html, http://www.dejanews.com) I have been guilty of this in the past, in fact I'm guilty of it right now as this has been said before, but maybe a friendly reminder would help raise the S:N ratio. -Dave "So... how much longer is this futile slashing going to continue?" -Theo de Raadt
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:17:07 PDT