[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: OpenBSD rootkit?
On Sun, Jul 14, 2002, Theo de Raadt wrote:
> > This claim is wrong, OpenSSH was vulnerable to CRC32 integer overflow
> > two years ago.
> But if we recall, OpenBSD was not vulnerable in that case because we
It was *probably* not exploitable, but still *vulnerable*. Be more
careful with such statements.
> got lucky with our malloc.
'Our' malloc? It's phkmalloc from FreeBSD.
* Fido: 2:480/124 ** WWW: http://www.frasunek.com/ ** NIC-HDL: PMF9-RIPE *
* Inet: email@example.com ** PGP: D48684904685DF43EA93AFA13BE170BF *