2 Aug
2005
2 Aug
'05
6:29 p.m.
On Tue, 2 Aug 2005, Randy Bush wrote:
even without stiffling the heap check via crashing_already (i.e. a 'fix' is developed for that weakness), is the 30-60 second window sufficient to do serious operational damage. i.e. what could an attacker do with a code injection with a mean life as short as 15-30 seconds?
change the passwords and write to nvram, and come back later? -Dan