Security hole in gnu-win32-gcc
Daniel Kroening
kroening@hit.handshake.de
Wed Sep 10 10:28:00 GMT 1997
Hello,
I discovered a security hole in cygnus gnu-win32 gcc: Obviously,
allocated ram is not initialised. The generated binaries thus contain
parts of the main memory of the machine compiling it. In binaries, where
uninitialied arrays are, I discovered parts of web pages and other data
of the memory. It might sound harmless, but confident documents or even
pgp secret keys might get disclosed.
Daniel Krvning
-
For help on using this list (especially unsubscribing), send a message to
"gnu-win32-request@cygnus.com" with one line of text: "help".
More information about the Cygwin
mailing list