[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] 18th anniversary of Internet worm a.k.a. Morris worm
- To: Blue Boar <BlueBoar@xxxxxxxxxxx>
- Subject: Re: [Full-disclosure] 18th anniversary of Internet worm a.k.a. Morris worm
- From: Georgi Guninski <guninski@xxxxxxxxxxxx>
- Date: Fri, 3 Nov 2006 19:24:31 +0200
my question was:
when was the first provable *public* (as in common sense) announcement of the
exploitability of buffer overflows.
didn't mean to underestimate the morris worm.
On Fri, Nov 03, 2006 at 08:21:37AM -0800, Blue Boar wrote:
> Valdis.Kletnieks@xxxxxx wrote:
> >I have to conclude that before that, buffer overflows weren't even well
> >known *inside* the security community, much less outside in the wider
> >programming community.
>
> They were known and exploited by 1972, in at least some communities.
> http://csrc.nist.gov/publications/history/ande72.pdf
> Pages 44 and 45.
> http://osvdb.org/blog/?p=77
>
BB
EOM
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/