a holiday gift from Robert "wormer" Morris
Paul Vixie
vixie at decwrl.dec.com
Mon Nov 7 05:36:10 AEST 1988
# the hole [in sendmail] was so obvious that i surmise that Morris
# was not the only one to discover it. perhaps other less
# reproductively minded arpanetters have been having a field
# 'day' ever since this bsd release happened.
I've known about it for a long time. I thought it was common knowledge
and that the Internet was just a darned polite place. (I think it _was_
common knowledge among the people who like to diddle the sendmail source.)
The bug in fingerd was a big surprise, though. Overwriting a stack frame
on a remote machine with executable code is One Very Neat Trick.
--
Paul Vixie
Work: vixie at decwrl.dec.com decwrl!vixie +1 415 853 6600
Play: paul at vixie.sf.ca.us vixie!paul +1 415 864 7013
More information about the Comp.unix.wizards
mailing list