Hi, I'm trying to remember the name (and some information about) a past security bug, for an article.
Somewhere between 4 and 6 years ago (I think), there was a fairly major security bug reported (probably in Linux, or in SSH code, but something widely used). IIRC, the bug was a single line that called a function (possibly along the lines of CredentialsCheck), and may have involved a bit-wise or (or and) instead of a logical one. It may have been that either the routine wasn't getting called when it should, or that the programmer misinterpreted what the return value meant. Ring any bells? thanks! Stan
