|
|
ARCHIVE: 'Phage List' - Archives (1988 - 1989)
DOCUMENT: phage #164 [some points to make with the media] (1 message, 809 bytes)
SOURCE: http://securitydigest.org/exec/display?f=phage/archive/164.txt&t=text/plain
NOTICE: securitydigest.org recognises the rights of all third-party works.
START OF DOCUMENT
From: encore!pinocchio!bzs@talcott.harvard.edu (Barry Shein)
To: phage
Date: Tue 12:54:22 08/11/1988 EST
Subject: some points to make with the media
References:
[Thread Prev: 161]
[Thread Next: 085]
[Message Prev: 163]
[Message Next: 166]
>Your second point is too strong; while only Sun-3s and VAXen were >susceptible to this particular incarnation, there is clearly no reason >to think that any UNIX system on the net couldn't have been targeted. >All it would have taken was a few more .o files, or even source if >the author had wanted to expose the code. There clearly *is* a reason, try: "Any system which shipped sendmail with debug enabled and/or had the fingerd bug (or even shipped a fingerd)" Surely you don't claim that all vendors shipped their software this way? (you're wrong if you do.) And if not, why implicate them? Misery loves company? AT&T doesn't even *ship* TCP/IP last I checked (third-party only, right?), much less shipping sendmail and fingerd with the aforementioned bugs. You're treading into murky waters of what might have been. I say stick to the facts. (Isn't it true that Ultrix shipped w/o the debug option? Now *that* should be mentioned.) -Barry Shein, ||Encore||
END OF DOCUMENT
| ISSN 1742-948X 01 (Online) | 2005/03/01 | Copyright 2002-2008 securitydigest.org. All rights reserved. |