Vulnerability Development mailing list archives
Re: Telnetd exploit for solaris
From: "Gnuthad" <securityfocus () aussie mine nu>
Date: Sat, 8 Sep 2001 14:07:17 +1000
On 6 Sep 2001, at 21:01, fintler wrote:
If he's researching on how exploits are developed why doesn't he/she take a look at the thousands of exploits already out there? What's so special about this one?
Why is it up to you to determine what is special about any particular exploit? I don't care too much about CodeRed because I don't run IIS as my web server, however, I'm still interested in it because of how it worked. Is it therefore wrong of me to search for the code for CodeRed and determine exactly how it worked? After all, how it worked *might* be able to be adapted to other platforms/servers. How do I know unless I get a copy to check first?
You say admins use exploits to test their own hardware, but you also mention that after a patch is applied, it may only prevent that particular version of the exploit to work, while others that are circulated less, still do. Don't you think that this may provide a false sense of security in that the admin may now think that the system is no longer vulnerable because that particular exploit the admin found on bugtraq no longer works? Wouldn't a detailed explanation of the problem that gets into the specific details (aka advisary) be more useful and cause less problems compared to something that can be compiled straight off the list?
Se above, one exploit may provide indiactions of other exploits that other people have not yet seen. I was always under the assumption that this was the way Open Source worked, give everyone access to the source so you have hundreds/thousands of independant minds looking over the code and optimising/debugging/improving it where only a handful would otherwise be able to do this.
I don't really see what you mean by community, a community is just a group or ppl who share a common interest. From my point of view all I see is a *very* small percentage who share an interest in pitching in, and a very large group that takes that work and uses it for some type of personal gain. For example, out of the many people who subscribe to bugtraq, how many have ever thrown their 2 cents in, I'm almost positive it is a small percent.
I'm sorry, I didn't realise that subscription to any of the securityfocus mailing lists was dependant on "throwing my 2 cents in". I'll be sure to unsubscribe immediately. While I might not be able to assist by writing code/finding exploits, I'm sure it would be very obvious to all and sundry that, just by lurking here and reading all about CodeRed, had I been vulnerable to the exploit and patched my system, I would have helped hundreds or thousands of people around the world by not being yet another exploited server that was sending useless crap onto the internet from CodeRed. Gnuthad PGP Key Block available at: http://aussie.mine.nu/aussie/pgp_key.txt
Current thread:
- Re: Telnetd exploit for solaris, (continued)
- Re: Telnetd exploit for solaris Robert A. Seace (Sep 06)
- Re: Telnetd exploit for solaris lazy (Sep 05)
- Re: Telnetd exploit for solaris Federico Bellizia (Sep 06)
- Re: Telnetd exploit for solaris sween (Sep 06)
- RE: Telnetd exploit for solaris moran (Sep 06)
- Telnetd exploit for solaris dove (Sep 06)
- Re: Telnetd exploit for solaris Josh Crane (Sep 06)
- Re: Telnetd exploit for solaris fintler (Sep 06)
- Re: Telnetd exploit for solaris Gerard Palma (Sep 07)
- Re: Telnetd exploit for solaris Big Woz (Sep 07)
- Re: Telnetd exploit for solaris Gnuthad (Sep 08)
- Re: Telnetd exploit for solaris fintler (Sep 06)
- Re: Telnetd exploit for solaris fintler (Sep 06)
- Re: Telnetd exploit for solaris Marc Soda (Sep 07)
- RE: Telnetd exploit for solaris Oliver Petruzel (Sep 07)