void f() {
    char buf[80];
    ...
    gets(buf);
    ...
}

Assumption: attacker controls what is input to the program, so standard input is a network socket or a file provided by the attacker.

if (0 == access(fname, R_OK | W_OK)) {   /* check that real uid has read/write access to file */
    ...                                  /* the file named by fname can change between the check and the open */
    fd = open(fname, O_RDWR, 0);         /* use effective uid (root) to actually get a file descriptor */
    ...
    /* process file */
}
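
One way to remove the gap between the check and the open in the fragment above, as an added example that is not part of the original page: the permission check is left to open() itself, run under the real uid. The function name open_as_real_user is hypothetical, and the code assumes a set-uid program on a POSIX system with saved set-user-IDs.

```c
#ifndef _GNU_SOURCE
#define _GNU_SOURCE
#endif
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical helper: open fname read/write with the caller's real uid.
 * Returns a descriptor, or -1 with errno set. */
int open_as_real_user(const char *fname)
{
    uid_t saved_euid = geteuid();
    struct stat st;
    int fd, err;

    /* Drop the effective uid to the real uid; the saved set-user-ID of a
     * set-uid program lets us switch back afterwards. */
    if (seteuid(getuid()) != 0)
        return -1;

    /* The kernel does the permission check inside this open(), against the
     * real user and on the same object the descriptor will refer to.
     * O_NOFOLLOW refuses a symlink as the final path component;
     * O_NONBLOCK keeps the call from hanging on a FIFO. */
    fd = open(fname, O_RDWR | O_NOFOLLOW | O_NONBLOCK);
    err = errno;

    /* Restore privileges; continuing in an unknown state is not safe. */
    if (seteuid(saved_euid) != 0)
        abort();

    if (fd < 0) {
        errno = err;
        return -1;
    }
    /* Validate the descriptor, not the name: a descriptor cannot be swapped. */
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode)) {
        close(fd);
        errno = EINVAL;
        return -1;
    }
    return fd;
}
```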

New worm attack slows down the Internet. Read the story at the BBC, the story at CNN, the original CERT advisory about the vulnerability, and the current advisory about the worm.
bsy+cse227w03@cs.ucsd.edu, last updated