ABSTRACT
Format string vulnerabilities were first discovered in the
early 1990s when C shell (csh) was being fuzz tested for
defects. But it was not until 2000, when a publication on a
format string exploit of the Washington University File
Transfer Protocol daemon (WU-FTPD) was made, that
the Bugtraq mailing list exposed what was primarily
restricted to certain “hacking” groups.