Re: Solaris telnet vulnberability - how many on your network?

Let's taper off this thread.  It's getting downright boring.

Thanks,
Anthony Nemmer

jf wrote:
> > I believe in the early 90's there was a serious problem discovered in intel 
> > chips that allowed certain standard code to be run
> > to overflow programs arbitrarily and gain access to operating systems in
> > an administrative capacity.
> >
> > Also I remember the redhat (back in the day) repository being hacked and 
> > backdoored versions of programs being put into it.
> > I believe this also happened to an early version of debian or fedora at
> > some point also.
>
> And how does this relate to Sun purposely putting a backdoor into their
> telnet service, as that was the suggestion, not a rogue attacker invading
> a CVS/FTP server and patching the source.
>
>
> > But I think you miss the point.
>
> No, I think you're changing it to suit your purposes.
>
> > Scarey stuff. The job is to be paranoid. Not to be dismissive of those who ARE.
>
> I'm being dismissive of those of you who would prefer to believe that this
> is something that was put into the source on purpose by Sun as opposed to
> a developers mistake, Occam's razor and all that. There is a difference of
> paranoia and utter absurdity, and the (serious) suggestion that this was a
> bug placed on purpose by Sun crosses thats line. It was a silly bug
> accidently placed by (most likely) an engineer at Sun who will never live
> it up, not some stupid attempt at world domination via telnet.


--

I always have coffee when I watch radar!