<<< Date Index >>>     <<< Thread Index >>>

Re: Re: Re: Solaris telnet vulnberability - how many on your network?



> I believe in the early 90's there was a serious problem discovered in intel 
> chips that allowed certain standard code to be run
> to overflow programs arbitrarily and gain access to operating systems in
> an administrative capacity.
>
> Also I remember the redhat (back in the day) repository being hacked and 
> backdoored versions of programs being put into it.
> I believe this also happened to an early version of debian or fedora at
> some point also.

And how does this relate to Sun purposely putting a backdoor into their
telnet service, as that was the suggestion, not a rogue attacker invading
a CVS/FTP server and patching the source.


> But I think you miss the point.

No, I think you're changing it to suit your purposes.

> Scarey stuff. The job is to be paranoid. Not to be dismissive of those who 
> ARE.

I'm being dismissive of those of you who would prefer to believe that this
is something that was put into the source on purpose by Sun as opposed to
a developers mistake, Occam's razor and all that. There is a difference of
paranoia and utter absurdity, and the (serious) suggestion that this was a
bug placed on purpose by Sun crosses thats line. It was a silly bug
accidently placed by (most likely) an engineer at Sun who will never live
it up, not some stupid attempt at world domination via telnet.