From owner-freebsd-security Sun Aug 16 21:35:04 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id VAA12616 for freebsd-security-outgoing; Sun, 16 Aug 1998 21:35:04 -0700 (PDT) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from aniwa.sky (aniwa.actrix.gen.nz [203.96.56.186]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id VAA12603 for ; Sun, 16 Aug 1998 21:35:00 -0700 (PDT) (envelope-from andrew@squiz.co.nz) Received: from localhost (andrew@localhost) by aniwa.sky (8.8.7/8.8.7) with SMTP id OAA01913; Mon, 17 Aug 1998 14:40:57 +1200 (NZST) (envelope-from andrew@squiz.co.nz) Date: Mon, 17 Aug 1998 14:40:57 +1200 (NZST) From: Andrew McNaughton X-Sender: andrew@aniwa.sky Reply-To: andrew@squiz.co.nz To: Michael Richards <026809r@dragon.acadiau.ca> cc: security@FreeBSD.ORG Subject: Re: Why don't winblows program have buffer overruns? In-Reply-To: <199808162301.UAA09103@dragon.acadiau.ca> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Sun, 16 Aug 1998, Michael Richards wrote: > Hi! > I have been following the buffer overrun discussions for quite some time. > One thing that I have always wondered is: > Why aren't there buffer overruns for winblows that overrun the stack and There have been lots of these. Try searching bugtraq for 'microsoft' > execute nasty code? I realise that there is no way to get a shell, but being > able to exec "format" is still a useful thing for a cracker to do on a > windows box. If they really care. Taking down a windows machine is more likely to appeal to a f***** off administrator. Andrew McNaughton To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message