|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: Y2K bug in Shadow IDS (fwd)
Subject: Re: Y2K bug in Shadow IDS (fwd)
From: Alfred Huger (ah
SECURITYFOCUS.COM)
Date: Sun Jan 02 2000 - 16:13:38 CST
- Next message: Georgi Guninski: "Hotmail security hole - injecting JavaScript using <IMG LOWSRC="javascript:....">"
- Previous message: Alfred Huger: "Y2K bug in Shadow IDS"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Alfred Huger
VP of Engineering
SecurityFocus.com
---------- Forwarded message ----------
Date: Sun, 2 Jan 2000 17:12:14 -0500 (EST)
From: Peter W <peterwusa.net>
To: Alfred Huger <ahSECURITYFOCUS.COM>
Subject: Re: Y2K bug in Shadow IDS
At 1:00pm Jan 2, 2000, Alfred Huger wrote:
> I changed the top of 'sensor/variables.ph' into
>
> # We need various timestamps all over the place
> T = localtime;
> if ($T[5] > 99) {
> $T[5] -= 100;
> }
Or
T = localtime;
$T[5] %= 100;
> By the way, the Shadow perl scripts also use /tmp a lot with
> predictable file names, so local exploits are possible,
> but this is more of a Bugtraq issue I guess.
Fun.
- Next message: Georgi Guninski: "Hotmail security hole - injecting JavaScript using <IMG LOWSRC="javascript:....">"
- Previous message: Alfred Huger: "Y2K bug in Shadow IDS"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
This archive was generated by hypermail 2b27 : Sun Jan 02 2000 - 18:40:28 CST