xsprite@bigfoot.com writes:

Well, with a c program, the first exploitable bug you are likely to find is a buffer overflow. With perl, you move into the realm of shopping carts, webmail and so on. Quite often authentication mechanisms are insufficient, poorly thought out. Also there's the old open(HANDLE, $userstring); thing (where $userstring is set to "/bin/rm -rf / |")

Ah, sorry, I interpreted:

"once you take out buffer overflows you end up with the inability of programmers to create a decent authentication system. (Think hotmail, banks, etc)"

as meaning that without buffer overflows, you cannot create a decent authentication system, which goes against everything I've ever seen, of course. If we just mean insecure execution with user-tainted data, then I know that bug (and I'm just trying to eradicate it from yet another place).