[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <003901c2c4ee$5ea35c20$3301a8c0@NetworkSecurityAssociates.com>
From: jsklein at mindspring.com (Joe Klein)
Subject: RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434!
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Here is an interesting idea. If the database vulnerability and the patch has been available for over 6 months, wouldn't this be proof of "Lack of Due Care" by the companies which were impacted? Sounds like a potential class action suite against management of all public companies impacted. I suspect by there lack of action, it will impact all the stocks on Monday. The other question comes to mind. If this happended, how secure is the rest of the company networks.
Anyone know of a lawyer who would be interested in taking a case like this?
Joe Klein
jsklein@...dspring.com
- -----Original Message-----
From: full-disclosure-admin@...ts.netsys.com [mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of Ron DuFresne
Sent: Saturday, January 25, 2003 8:01 PM
To: Jason Coombs
Cc: Richard M. Smith; 'Jay D. Dyson'; 'Bugtraq'; 'Full-Disclosure'
Subject: Re: [Full-Disclosure] RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434!
You'll find that you underestimate the number of banks and credit related transactions that use internet connectivity to transact transfers and payment activity. Pay attention next time you use a ATM or credit card at the gas pumps or the grocery, or a card in those ATM's in various malls and stores. You'll hear the modems in many dialing during the 'authorization' phase of the transaction, and few are dialing into a private networked system.
Thanks,
Ron DuFresne
On Sat, 25 Jan 2003, Jason Coombs wrote:
> Bank of America should never have allowed their ATM network to rely on
> routes that could be impacted by non-ATM network computer systems.
>
> That Sapphire might have had this effect makes the sensibility behind
> writing and releasing it even more apparent, if this was in fact
> defensive work of a government agency as my speculation suggested.
>
> Jason Coombs
> jasonc@...ence.org
>
> -----Original Message-----
> From: Richard M. Smith [mailto:rms@...puterbytesman.com]
> Sent: Saturday, January 25, 2003 1:11 PM
> To: jasonc@...ence.org; 'Jay D. Dyson'; 'Bugtraq'; 'Full-Disclosure'
> Subject: RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434!
>
>
> However, this worm might not be so harmless as it appears because of
> collateral damage:
>
> Bank of America ATMs Disrupted by Virus
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"Cutting the space budget really restores my faith in humanity. It eliminates dreams, goals, and ideals and lets us get straight to the business of hate, debauchery, and self-annihilation." -- Johnny Hart
***testing, only testing, and damn good at it too!***
OK, so you're a Ph.D. Just don't touch anything.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0
iQA/AwUBPjNbgT1Xm8BE1/6HEQJJLgCglZ/zgYkaZ/HOz9BWdUb2X3igNlcAoN9E
t075RClV90Q7NAqx5uE5aC19
=fst/
-----END PGP SIGNATURE-----
Powered by blists - more mailing lists