lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <42C87CB6.15054.1283ED13@localhost>
Date: Mon Jul  4 00:03:57 2005
From: stuart at cyberdelix.net (lsi)
Subject: alert: the 111111 bug

platforms affected: all
distribution of threat: wide
severity of threat: potentially serious
leadtime: 6.3 years :)

I noticed one of my customers using the "special" date of 11/11/11 in 
their database.  

I've since realised this practice might be quite widespread, and 
indeed warrants an alert than on or around the 11th of November 2011, 
some crazy things might happen, as folks' "special" dates collide 
with the real date of 11/11/11.  

For this customer 11/11/11 in the date field means, don't process 
this record, which will obviously cause problems with legitimate 
transactions on that date.  

I suspect using a new field to flag a state, instead of "special" 
data, would have been more appropriate.  

Apologies if this is old news for you.

Stu

---
Stuart Udall
stuart at@...erdelix.dot net - http://www.cyberdelix.net/

--- 
 * Origin: lsi: revolution through evolution (192:168/0.2)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ