Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Vuln-Dev
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Re: Re: Solaris telnet vulnberability - how many on your network?

from [jf] Network Security [Permanent Link]
Subject: Re: Re: Re: Solaris telnet vulnberability - how many on your network?
Date: Sat, 17 Feb 2007 03:35:45 +0000 (UTC) 


I believe in the early 90's there was a serious problem discovered in intel 
chips that allowed certain standard code to be run
to overflow programs arbitrarily and gain access to operating systems in
an administrative capacity.

Also I remember the redhat (back in the day) repository being hacked and 
backdoored versions of programs being put into it.
I believe this also happened to an early version of debian or fedora at
some point also.


And how does this relate to Sun purposely putting a backdoor into their
telnet service, as that was the suggestion, not a rogue attacker invading
a CVS/FTP server and patching the source.



But I think you miss the point.


No, I think you're changing it to suit your purposes.


Scarey stuff. The job is to be paranoid. Not to be dismissive of those who 
ARE.


I'm being dismissive of those of you who would prefer to believe that this
is something that was put into the source on purpose by Sun as opposed to
a developers mistake, Occam's razor and all that. There is a difference of
paranoia and utter absurdity, and the (serious) suggestion that this was a
bug placed on purpose by Sun crosses thats line. It was a silly bug
accidently placed by (most likely) an engineer at Sun who will never live
it up, not some stupid attempt at world domination via telnet.
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE:Drive-by Pharming Threat, psirt
Next by Date:  Re: Solaris telnet vulnberability - how many on your network?, Anthony R. Nemmer
Previous by Thread:  Re: Re: Re: Solaris telnet vulnberability - how many on your network?, thefinn12345
Next by Thread:  Re: Solaris telnet vulnberability - how many on your network?, Anthony R. Nemmer
Indexes:  [Date] [Thread] [Top] [All Lists]