[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <45D616F4.1030305@qwest.net>
Date: Fri, 16 Feb 2007 13:41:24 -0700
From: "Anthony R. Nemmer" <intertwingled@...st.net>
To: jf <jf@...glingpointers.net>
Cc: thefinn12345@...il.com, bugtraq@...urityfocus.com
Subject: Re: Solaris telnet vulnberability - how many on your network?
Let's taper off this thread. It's getting downright boring.
Thanks,
Anthony Nemmer
jf wrote:
>> I believe in the early 90's there was a serious problem discovered in intel chips that allowed certain standard code to be run
>> to overflow programs arbitrarily and gain access to operating systems in
>> an administrative capacity.
>>
>> Also I remember the redhat (back in the day) repository being hacked and backdoored versions of programs being put into it.
>> I believe this also happened to an early version of debian or fedora at
>> some point also.
>
> And how does this relate to Sun purposely putting a backdoor into their
> telnet service, as that was the suggestion, not a rogue attacker invading
> a CVS/FTP server and patching the source.
>
>
>> But I think you miss the point.
>
> No, I think you're changing it to suit your purposes.
>
>> Scarey stuff. The job is to be paranoid. Not to be dismissive of those who ARE.
>
> I'm being dismissive of those of you who would prefer to believe that this
> is something that was put into the source on purpose by Sun as opposed to
> a developers mistake, Occam's razor and all that. There is a difference of
> paranoia and utter absurdity, and the (serious) suggestion that this was a
> bug placed on purpose by Sun crosses thats line. It was a silly bug
> accidently placed by (most likely) an engineer at Sun who will never live
> it up, not some stupid attempt at world domination via telnet.
>
>
--
I always have coffee when I watch radar!
Powered by blists - more mailing lists