a holiday gift from Robert "wormer" Morris
Don Ferencz
ferencz at cwsys3..CWRU.Edu
Tue Nov 8 01:55:05 AEST 1988
In article <24 at jove.dec.com> vixie at decwrl.dec.com (Paul Vixie) writes:
>
>I've known about it for a long time. I thought it was common knowledge
>and that the Internet was just a darned polite place. (I think it _was_
>common knowledge among the people who like to diddle the sendmail source.)
>
>The bug in fingerd was a big surprise, though. Overwriting a stack frame
>on a remote machine with executable code is One Very Neat Trick.
I wasn't aware of these tricks, but I find them interesting now, knowing
what security hazards they pose. Is there some place interested
[sick, twisted] individuals like me could get more information on
Morris' handiwork? It would be a benefit from a security aspect. I also
realize that presenting such information could be considered another
risk, perhaps "inviting" someone else to subject us to the same
peril (although most of the net is now "immunized" against this
particular virus).
===========================================================================
| Don Ferencz | "And in the end/ |
| ferencz at cwsys3.cwru.EDU | The love you take/ |
| Department of Systems Engineering | Is equal to the love you make." |
| Case Western Reserve University | -- The Beatles |
===========================================================================
More information about the Comp.unix.wizards
mailing list