Re: [htdig3-dev] Re: ITS4 Security results


Subject: Re: [htdig3-dev] Re: ITS4 Security results
From: Gilles Detillieux (grdetil@scrc.umanitoba.ca)
Date: Tue Feb 29 2000 - 07:34:16 PST


According to Geoff Hutchison:
> A few days ago, I e-mailed about the ITS4 automated security scanner.
> I tried it out on the code and it found a few places to inspect. I'm
> including the most verbose version (this one complains about memcpy)
> as an attachment. The author, John Viega <John@list.org>, also said
> that he'd consider doing a full audit of our source.
>
> I don't know what sorts of bugs remain, but getting some help
> auditing the code would be welcome.

I agree. I never did see that attachment you mentioned, though.

-- 
Gilles R. Detillieux              E-mail: <grdetil@scrc.umanitoba.ca>
Spinal Cord Research Centre       WWW:    http://www.scrc.umanitoba.ca/~grdetil
Dept. Physiology, U. of Manitoba  Phone:  (204)789-3766
Winnipeg, MB  R3E 3J7  (Canada)   Fax:    (204)789-3930

------------------------------------ To unsubscribe from the htdig3-dev mailing list, send a message to htdig3-dev-unsubscribe@htdig.org You will receive a message to confirm this.



This archive was generated by hypermail 2b28 : Tue Feb 29 2000 - 07:38:35 PST