Subject: Re: CERT Advisory CA-2002-12 Format String Vulnerability in ISC
To: None <tech-security@netbsd.org>
From: None <sen_ml@eccosys.com>
List: tech-security
Date: 05/09/2002 13:57:02
Hi,

From: Dave Ahmad <da@securityfocus.com>
Subject: Re: CERT Advisory CA-2002-12 Format String Vulnerability in ISC DHCPD
Date: Wed, 8 May 2002 21:45:01 -0600 (MDT)

> Well, it was found during a 'sweep', was it not?  And I think it's a safe
> assumption that this format string sweep was carried out to find
> possible security problems.

Perhaps it was.  I don't know.

My assumption was that for NetBSD, how "clean" the code is ranks
rather high, so I just assumed that this formatting issue was
addressed from that perspective.