SECURITY BUG IN INTERACTIVE UNIX SYSV386
Heiko Blume
src at scuzzy.in-berlin.de
Thu Feb 14 09:07:53 AEST 1991
jtc at motcad.portal.com (J.T. Conklin) writes:
>In article <1991Feb11.184130.11321 at jwt.UUCP> john at jwt.UUCP (John Temples) writes:
>>Now, the question is, what do we do to protect ourselves in the meantime?
>If I remember correctly, Sun Microsystems sent out a fixed version of
>sendmail to its customer base free of charge the week after the Internet
>Worm Attack. I see no reason why we should expect less from the i386
>UNIX vendors. In my opinion, any vendor that doesn't respond to this
>problem with the attention it is due, doesn't deserve to be in business.
especially considering the fact that they tell you (implicitly) in the release
notes that there is THE security problem in all 2.0.2 systems
and how to fix it in 2.2, only that they didn't mention that you
need a math co for it to work. the WORST feature ever!
--
Heiko Blume <-+-> src at scuzzy.in-berlin.de <-+-> (+49 30) 691 88 93
public source archive [HST V.42bis]:
scuzzy Any ACU,f 38400 6919520 gin:--gin: nuucp sword: nuucp
uucp scuzzy!/src/README /your/home
More information about the Comp.unix.sysv386
mailing list