| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sat, 17 Feb 2007 03:35:45 +0000 (UTC) From: jf <jf@...glingpointers.net> To: thefinn12345@...il.com Cc: bugtraq@...urityfocus.com Subject: Re: Re: Re: Solaris telnet vulnberability - how many on your network? > I believe in the early 90's there was a serious problem discovered in intel chips that allowed certain standard code to be run > to overflow programs arbitrarily and gain access to operating systems in > an administrative capacity. > > Also I remember the redhat (back in the day) repository being hacked and backdoored versions of programs being put into it. > I believe this also happened to an early version of debian or fedora at > some point also. And how does this relate to Sun purposely putting a backdoor into their telnet service, as that was the suggestion, not a rogue attacker invading a CVS/FTP server and patching the source. > But I think you miss the point. No, I think you're changing it to suit your purposes. > Scarey stuff. The job is to be paranoid. Not to be dismissive of those who ARE. I'm being dismissive of those of you who would prefer to believe that this is something that was put into the source on purpose by Sun as opposed to a developers mistake, Occam's razor and all that. There is a difference of paranoia and utter absurdity, and the (serious) suggestion that this was a bug placed on purpose by Sun crosses thats line. It was a silly bug accidently placed by (most likely) an engineer at Sun who will never live it up, not some stupid attempt at world domination via telnet.
Powered by blists - more mailing lists