in reply to Re^2: Attack on Perl or Perl's need better PR (again)
in thread Attack on Perl or Perl's need better PR (again)

Seconded. This advisory seems to have the most technical meat on the subject (also posted to the dailydave mailing list this morning). There is a buffer overrun but the only way to exploit is via a format string vulnerability. So this is news regarding a flaw in perl and not just a vulnerability discovered in webmin.


Debugging is twice as hard as writing the code in the first place. Therefore, if you write the code as cleverly as possible, you are, by definition, not smart enough to debug it. -- Brian W. Kernighan
  • Comment on Re^3: Attack on Perl or Perl's need better PR (again)

In Section Meditations