| ||
format bugs , in addition to the wuftpd bug by Lamagra Agramal: www.securityfocus.com/archive/1/66842
Writing Secure Code, Second Edition by Michael Howard and David C. LeBlanc (Microsoft Press, 2002), Chapter 5, Public Enemy #1: Buffer Overruns
UNIX locale format string vulnerability, CORE SDI by Ivn Arce: www.securityfocus.com/archive/1/80154
Format String Attacks by Tim Newsham: www.securityfocus.com/archive/ 1/81565
Windows 2000 Format String Vulnerabilities by David Litchfield: www.nextgenss.com/papers/win32format.doc
Write It Secure: Format Strings and Locale Filtering by David A. Wheeler: www.dwheeler.com/ essays /write_it_secure_1.html