From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me X-Spam-Level: X-Spam-Status: No, score=-1.3 required=5.0 tests=BAYES_00,INVALID_MSGID autolearn=no autolearn_force=no version=3.4.4 X-Google-Language: ENGLISH,ASCII-7-bit X-Google-Thread: 103376,32a9c4641bed19de X-Google-Attributes: gid103376,public From: Preben Randhol Subject: Re: FY Ammo: Study about Security Bugs Date: 1999/11/25 Message-ID: #1/1 X-Deja-AN: 552931103 References: X-Complaints-To: usenet@itea.ntnu.no X-Trace: kopp.stud.ntnu.no 943539245 37 129.241.83.82 (25 Nov 1999 14:14:05 GMT) Organization: ProgramVareVerkstedet NNTP-Posting-Date: 25 Nov 1999 14:14:05 GMT Newsgroups: comp.lang.ada Date: 1999-11-25T14:14:05+00:00 List-Id: lutz@iks-jena.de (Lutz Donnerhacke) writes: | http://news.cnet.com/news/0-1003-200-1462855.html?tag=st.ne.1002.bgif.1003-200-1 | | Quick: What's the computer vulnerability of the decade? | | It's not the Y2K bug, according to computer science and security analysts, | but a security weakness known as the buffer overflow. Unlike the Y2K bug, | which threatens to cripple computers unable to distinguish years written in | two-digit shorthand, this vulnerability opens computers to attacks by | malicious hackers, who can use the bug to commandeer the targeted computer. Nitpick: Is Y2K really a security (to computer systems) bug/risk? Pardon my ignorance, but are programs written in Ada 95 vulnerable to buffer overflow ? I know C and C++ programs can be, if not coded properly, but I would think Ada 95 programs wasn't (unless one are perhaps interfacing towards C?). If somebody could shed some light on this, it would be great. -- Preben Randhol "Marriage is when you get to keep [randhol@pvv.org] your girl and don't have to give [http://www.pvv.org/~randhol/] her back to her parents." (Eric, 6)