tech-security: Re: Fwd: CERT Advisory CA-2002-12 Format String Vulnerability in ISC DHCPD

Subject: Re: Fwd: CERT Advisory CA-2002-12 Format String Vulnerability in ISC DHCPD
To: Frederick Bruckman <fredb@immanent.net>
From: Bill Sommerfeld <sommerfeld@netbsd.org>
List: tech-security
Date: 05/12/2002 22:47:06

I'm composing this response off-line, so I can't check the version
history at the moment.

> Maybe we should have a blanket SA, saying all systems older than
> NetBSD 1.4.3 *may* *have* exploitable format strings errors? 

Any system newer than NetBSD 1.4.3 *may* *have* exploitable format
string or other errors.

							- Bill