[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <Pine.LNX.4.64.0702170319360.14891@localhost.localdomain>
Date: Sat, 17 Feb 2007 03:35:45 +0000 (UTC)
From: jf <jf@...glingpointers.net>
To: thefinn12345@...il.com
Cc: bugtraq@...urityfocus.com
Subject: Re: Re: Re: Solaris telnet vulnberability - how many on your network?
> I believe in the early 90's there was a serious problem discovered in intel chips that allowed certain standard code to be run
> to overflow programs arbitrarily and gain access to operating systems in
> an administrative capacity.
>
> Also I remember the redhat (back in the day) repository being hacked and backdoored versions of programs being put into it.
> I believe this also happened to an early version of debian or fedora at
> some point also.
And how does this relate to Sun purposely putting a backdoor into their
telnet service, as that was the suggestion, not a rogue attacker invading
a CVS/FTP server and patching the source.
> But I think you miss the point.
No, I think you're changing it to suit your purposes.
> Scarey stuff. The job is to be paranoid. Not to be dismissive of those who ARE.
I'm being dismissive of those of you who would prefer to believe that this
is something that was put into the source on purpose by Sun as opposed to
a developers mistake, Occam's razor and all that. There is a difference of
paranoia and utter absurdity, and the (serious) suggestion that this was a
bug placed on purpose by Sun crosses thats line. It was a silly bug
accidently placed by (most likely) an engineer at Sun who will never live
it up, not some stupid attempt at world domination via telnet.
Powered by blists - more mailing lists