September 7, 2000
'Format string' vulnerabilities affect Linux, Unix
Author: JT Smith
Security experts have uncovered a new class of vulnerabilities in Unix and Linux systems that let attackers take full control of computers. These "format string" vulnerabilities started surfacing about two months ago, said Elias Levy, a moderator of the Bugtraq computer security mailing list. Some of them have lurked for years in basic Unix programs, but security experts only now have begun to find and fix them. CNet has more information on the widely reported buffer overflow problems in this story.