From GPWiki
eNet is a thin, low-level, cross-platform, UDP-based networking library.
NOTE
A presumed major security hole regarding eNet is described at: http://www.security.nnov.ru/Fnews887.html
Lee Salzman, the developer of eNet, regarding this issue:
That was just some random script kiddie looking to make a name for
himself by going around and finding buffer overflows in whatever
irrelevant projects he can prey upon.
But, to answer your question: is ENet bullet-proof? No. Obvious exploits
have been fixed, but I'm sure if you went over it in fine detail you
could still find something to exploit. I don't think there's a
networking library where that's not the case, just that they have
obscurity working on their side. The only reason I guess it matters in
ENet is because the source is available, so you lose the obscurity
angle. But there are always simple ways to DoS something without having
intricate knowledge of the code. [continued]
http://lists.puremagic.com/pipermail/enet-discuss/2006-August/000625.html
Related Weblinks
|
|
