| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <003901c2c4ee$5ea35c20$3301a8c0@NetworkSecurityAssociates.com> From: jsklein at mindspring.com (Joe Klein) Subject: RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Here is an interesting idea. If the database vulnerability and the patch has been available for over 6 months, wouldn't this be proof of "Lack of Due Care" by the companies which were impacted? Sounds like a potential class action suite against management of all public companies impacted. I suspect by there lack of action, it will impact all the stocks on Monday. The other question comes to mind. If this happended, how secure is the rest of the company networks. Anyone know of a lawyer who would be interested in taking a case like this? Joe Klein jsklein@...dspring.com - -----Original Message----- From: full-disclosure-admin@...ts.netsys.com [mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of Ron DuFresne Sent: Saturday, January 25, 2003 8:01 PM To: Jason Coombs Cc: Richard M. Smith; 'Jay D. Dyson'; 'Bugtraq'; 'Full-Disclosure' Subject: Re: [Full-Disclosure] RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! You'll find that you underestimate the number of banks and credit related transactions that use internet connectivity to transact transfers and payment activity. Pay attention next time you use a ATM or credit card at the gas pumps or the grocery, or a card in those ATM's in various malls and stores. You'll hear the modems in many dialing during the 'authorization' phase of the transaction, and few are dialing into a private networked system. Thanks, Ron DuFresne On Sat, 25 Jan 2003, Jason Coombs wrote: > Bank of America should never have allowed their ATM network to rely on > routes that could be impacted by non-ATM network computer systems. > > That Sapphire might have had this effect makes the sensibility behind > writing and releasing it even more apparent, if this was in fact > defensive work of a government agency as my speculation suggested. > > Jason Coombs > jasonc@...ence.org > > -----Original Message----- > From: Richard M. Smith [mailto:rms@...puterbytesman.com] > Sent: Saturday, January 25, 2003 1:11 PM > To: jasonc@...ence.org; 'Jay D. Dyson'; 'Bugtraq'; 'Full-Disclosure' > Subject: RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! > > > However, this worm might not be so harmless as it appears because of > collateral damage: > > Bank of America ATMs Disrupted by Virus > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.netsys.com/full-disclosure-charter.html > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ "Cutting the space budget really restores my faith in humanity. It eliminates dreams, goals, and ideals and lets us get straight to the business of hate, debauchery, and self-annihilation." -- Johnny Hart ***testing, only testing, and damn good at it too!*** OK, so you're a Ph.D. Just don't touch anything. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html -----BEGIN PGP SIGNATURE----- Version: PGP 8.0 iQA/AwUBPjNbgT1Xm8BE1/6HEQJJLgCglZ/zgYkaZ/HOz9BWdUb2X3igNlcAoN9E t075RClV90Q7NAqx5uE5aC19 =fst/ -----END PGP SIGNATURE-----
Powered by blists - more mailing lists