Re: Sun Sep 9 01:46:40 2001 GMT

From: Joseph Mallett (jmallettat_private)
Date: Wed Aug 29 2001 - 09:55:41 PDT

  • Next message: Nicolas Gregoire: "Re: Buffer Overflow document repository"

    It will affect people who use braindead sorting algorithms in things like 
    perl to sort dates in unix time() format.
    
    I guarantee it will be a bigger problem than Y2K, but that is not saying 
    much at all.
    
    On Wed, Aug 29, 2001 at 11:03:30AM +0200, Rķkharšur Egilsson wrote:
    > 
    > Has anybody done any research in what production systems (web, mail-
    > servers, OSes etc) might have a problem at :
    > 
    > perl -e 'print localtime(1000000000) . "\n";'
    > 
    > The only thing I have found, so far, is this (old) version of KMail :
    > http://dot.kde.org/985599243/
    > 
    > The whole issue, and the absense of any discussion, looks like either,
    > 
    > 	(1) A disaster just waiting to happen or
    > 
    > 	(2) A non-problem.
    > 
    > Personally my wote is for (2).
    > 
    > For vulnerable systems, there might be a problem if the system accepts
    > dates from users and a user enters a date after September 9th 2001.
    > (buffer overflow ?)
    > 
    > -- 
    >  Rķkharšur Egilsson - Networking/Security EXD/ITN/CCO
    >  OECD/OCDE - Organisation for Economic Co-operation and Development
    
    -- 
    --
    Joseph A. Mallett
    http://srcsys.org
    
    xMach Core Team, www.xMach.org
    



    This archive was generated by hypermail 2b30 : Wed Aug 29 2001 - 11:29:09 PDT