The 'Security Digest' Archives (TM)

Archive: About | Browse | Search | Contributions | Feedback
Site: Help | Index | Search | Contact | Notices | Changes

ARCHIVE: 'Phage List' - Archives (1988 - 1989)
DOCUMENT: phage #057 [Disassembled virus?] (1 message, 610 bytes)
NOTICE: recognises the rights of all third-party works.


From: [email protected] (Barry Shein)
To: phage
Date: Sat 16:31:32 05/11/1988 EST
Subject: Disassembled virus?
References: [Thread Prev: 054] [Thread Next: 059] [Message Prev: 056] [Message Next: 055]

I agree with Doug Comer. Was there *really* anything in there that was
terribly sophisticated? I don't think so from what I've seen of it (we
had some of it at Encore late Friday.)

Let's face it, 99.9% of the virus was the hole in sendmail, he (or
anyone else) could have done *anything* with that, "rm -rf /" after
re-propagating wouldn't take much genius although more nefarious
things are possible. Exploiting .rhosts is not exactly the stuff of
rocket scientists (apologies to JPL :-)

I say publish it for the curious though I would agree to wait until
more discussion occurs, there's certainly no rush.

	-Barry Shein, ||Encore||