Re: novaBBSFrom: email@example.com
Fri, 8 May 2020 00:13 UTC
and that is only the obvious stuff...a carefully constructed buffer overflow would be much more difficult to spot, and finally could be used for the same purpose...
Very true, see the heartbleed disaster.
What helps against this ? -_very_ careful code review and testing (including fuzzing)
-careful selection of the software used (reducing attack surface)
-quitting support and usage for decades old codecs, picture formats and the like (see the Samsung example)
-not much else, to my knowledge...
Posted on def4