RE: Re[2]: Solaris telnet vulnberability - how many on your network?

To: "Roger A. Grimes" <roger@xxxxxxxxxxxxxx>
Subject: RE: Re[2]: Solaris telnet vulnberability - how many on your network?
From: Gadi Evron <ge@xxxxxxxxxxxx>
Date: Wed, 14 Feb 2007 18:55:24 -0600 (CST)
Cc: bugtraq@xxxxxxxxxxxxxxxxx
In-reply-to: <096A04F511B7FD4995AE55F13824B8332125FB@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm

On Wed, 14 Feb 2007, Roger A. Grimes wrote:
> Spectulation over whether Microsoft, Sun, or any other vendor
> intentionally put in backdoors just makes our industry seem
> unprofessional. The likelihood that either vendor did is near zero.

Although we ruled this out with Sun's full disclosure (almost completely,
never say 100% in security), no one was accusing Sun.

This is a very important issue: a backdoor does not need to be put there
by the builder.

Example: Linux kernel and two lines of code.

        Gadi.

References:
- RE: Re[2]: Solaris telnet vulnberability - how many on your network?
  - From: Roger A. Grimes

Prev by Date: Re: Solaris telnet vulnberability - how many on your network?
Next by Date: RE: defacements for the installation of malcode
Previous by thread: RE: Re[2]: Solaris telnet vulnberability - how many on your network?
Next by thread: Re: Re[2]: Solaris telnet vulnberability - how many on your network?
Index(es):
- Date
- Thread