Bugtraq mailing list archives
Re: How was the majordomo bug found ?
From: lgas () cs UMD EDU (John Evans)
Date: Thu, 9 Jun 1994 18:37:28 -0400 (EDT)
On Thu, 9 Jun 1994, Vincent D. Skahan wrote:
I suppose I'm curious if:
- one of the 'bad guys' "dropped a dime" on one of his pals
- somebody bled over the source code who had enough experience
reading the code in that language to see a problem.
- somebody had some proactive monitoring in place that we all should
know about and implement.
How about a lot of the 'bad guys' are dumb. Sooner or later, one of the dumb 'bad guys' finds out about a hole like this from one of the more intelligent ones and starts abusing the hell out of it, giving it to all his friends, etc, and sooner or later everyone knows about it. My guess is this is what happens in 99% of cases where it's not blatantly obvious how someone got on a system. - John
Current thread:
- How was the majordomo bug found ? Vincent D. Skahan (Jun 09)
- Re: How was the majordomo bug found ? Brent Chapman (Jun 09)
- Re: How was the majordomo bug found ? Vincent D. Skahan (Jun 09)
- Re: How was the majordomo bug found ? John Evans (Jun 09)
- Majordomo CERT advisory (modified by rouilj) John P. Rouillard (Jun 09)
- Re: How was the majordomo bug found ? Vincent D. Skahan (Jun 09)
- Re: How was the majordomo bug found ? Eric Vyncke (Jun 09)
- Re: How was the majordomo bug found ? Karl Strickland (Jun 10)
- Re: How was the majordomo bug found ? Evil Pete (Jun 10)
- Sequent/DYNIX Security Hole Christian A. Ratliff (Jun 10)
- Re: How was the majordomo bug found ? Brent Chapman (Jun 09)