Full Disclosure mailing list archives
RE: RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434!
From: "Joe Klein" <jsklein () mindspring com>
Date: Sat, 25 Jan 2003 22:52:34 -0500
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Here is an interesting idea. If the database vulnerability and the patch has been available for over 6 months, wouldn't this be proof of "Lack of Due Care" by the companies which were impacted? Sounds like a potential class action suite against management of all public companies impacted. I suspect by there lack of action, it will impact all the stocks on Monday. The other question comes to mind. If this happended, how secure is the rest of the company networks. Anyone know of a lawyer who would be interested in taking a case like this? Joe Klein jsklein () mindspring com - -----Original Message----- From: full-disclosure-admin () lists netsys com [mailto:full-disclosure-admin () lists netsys com] On Behalf Of Ron DuFresne Sent: Saturday, January 25, 2003 8:01 PM To: Jason Coombs Cc: Richard M. Smith; 'Jay D. Dyson'; 'Bugtraq'; 'Full-Disclosure' Subject: Re: [Full-disclosure] RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! You'll find that you underestimate the number of banks and credit related transactions that use internet connectivity to transact transfers and payment activity. Pay attention next time you use a ATM or credit card at the gas pumps or the grocery, or a card in those ATM's in various malls and stores. You'll hear the modems in many dialing during the 'authorization' phase of the transaction, and few are dialing into a private networked system. Thanks, Ron DuFresne On Sat, 25 Jan 2003, Jason Coombs wrote:
Bank of America should never have allowed their ATM network to rely on routes that could be impacted by non-ATM network computer systems. That Sapphire might have had this effect makes the sensibility behind writing and releasing it even more apparent, if this was in fact defensive work of a government agency as my speculation suggested. Jason Coombs jasonc () science org -----Original Message----- From: Richard M. Smith [mailto:rms () computerbytesman com] Sent: Saturday, January 25, 2003 1:11 PM To: jasonc () science org; 'Jay D. Dyson'; 'Bugtraq'; 'Full-Disclosure' Subject: RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! However, this worm might not be so harmless as it appears because of collateral damage: Bank of America ATMs Disrupted by Virus _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ "Cutting the space budget really restores my faith in humanity. It eliminates dreams, goals, and ideals and lets us get straight to the business of hate, debauchery, and self-annihilation." -- Johnny Hart ***testing, only testing, and damn good at it too!*** OK, so you're a Ph.D. Just don't touch anything. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html -----BEGIN PGP SIGNATURE----- Version: PGP 8.0 iQA/AwUBPjNbgT1Xm8BE1/6HEQJJLgCglZ/zgYkaZ/HOz9BWdUb2X3igNlcAoN9E t075RClV90Q7NAqx5uE5aC19 =fst/ -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! Richard M. Smith (Jan 25)
- RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! Jason Coombs (Jan 25)
- Re: RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! Ron DuFresne (Jan 25)
- RE: RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! Joe Klein (Jan 26)
- RE: RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! Curt Purdy (Jan 26)
- Re: RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! Benjamin Krueger (Jan 25)
- Re: RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! Douglas F. Calvert (Jan 25)
- Re: RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! Ron DuFresne (Jan 25)
- Re: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! Rick Kelly (Jan 25)
- RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! Matt Smith (Jan 25)
- Re: RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! madsaxon (Jan 25)
- Re: RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! Nick Jacobsen (Jan 26)
- Re: RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! madsaxon (Jan 25)
- RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! Greg A. Woods (Jan 25)
- RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! moksha faced (Jan 27)
- RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! Jason Coombs (Jan 27)
(Thread continues...)
- RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434! Jason Coombs (Jan 25)