Vik Bajaj on Sun, 24 Jan 1999 15:15:24 -0500 (EST)



RE: Security Warning:


On 24-Jan-99 LeRoy D. Cressy wrote:
> Hi All,
> 
> This just posted on the net.  It appears that some of the Linux source
> code has been compromised.  Please take note of the following:
> 
> http://lwn.net/daily/util-linux.html

This is probably among the sequelae of the recent TCP wrappers trojan situation on
win.tue.nl.  Anyone who downloads security products without signatures...well,
let's hope that such people don't exist.

BTW, as was pointed out on BUGTRAQ, the CERT advisory contains semantic errors
(i.e. connections from port 421 drop into shells, not _to_ port 421). 
Considering, first, that Wietse posted the compromised sections (and so a
cursory review of the code would have revealed the error - I haven't reviewed
the code, though), second, that Wietse explained the semantics quite clearly
and, third, that many clueless administrative-type people base security
decisions on CERT advisories, you'd think that they would avoid this error. 
Further proof of CERT's irrelevance.

--Vik
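
The source-port versus destination-port distinction raised in the message above, as an added example that is not part of the original post: a Python filter over constructed connection records showing that a match on destination port 421 misses the connections that originate from port 421. The log format, addresses, destination ports and function names are assumptions made for the illustration.

```python
import re

# From the post: connections *from* port 421 reach the shell, not connections *to* 421.
TRIGGER_PORT = 421

# Constructed sample records (not real logs); the field layout is an assumption.
SAMPLE_LOG = """\
Jan 22 03:10:01 gw kernel: PROTO=TCP SRC=198.51.100.7 SPT=421 DST=192.0.2.10 DPT=23 SYN
Jan 22 03:10:09 gw kernel: PROTO=TCP SRC=198.51.100.8 SPT=31044 DST=192.0.2.10 DPT=421 SYN
Jan 22 03:11:30 gw kernel: PROTO=TCP SRC=198.51.100.9 SPT=1025 DST=192.0.2.10 DPT=25 SYN
Jan 22 03:11:45 gw kernel: truncated record SPT=421
Jan 22 03:12:02 gw kernel: PROTO=TCP SRC=198.51.100.7 SPT=421 DST=192.0.2.11 DPT=110 SYN
"""

FIELD = re.compile(r"\b(PROTO|SRC|SPT|DST|DPT)=(\S+)")
REQUIRED = {"PROTO", "SRC", "SPT", "DST", "DPT"}


def parse(line):
    """Return the record as a dict with integer ports, or None if malformed."""
    rec = dict(FIELD.findall(line))
    if not REQUIRED <= rec.keys():
        return None
    try:
        rec["SPT"], rec["DPT"] = int(rec["SPT"]), int(rec["DPT"])
    except ValueError:
        return None
    return rec


def records(log):
    """Parse every line of the log, skipping records that do not parse."""
    return [r for r in map(parse, log.splitlines()) if r is not None]


def connections_from_port(log, port=TRIGGER_PORT):
    """Correct reading: TCP connections whose *source* port is the trigger port."""
    return [r for r in records(log) if r["PROTO"] == "TCP" and r["SPT"] == port]


def connections_to_port(log, port=TRIGGER_PORT):
    """Mistaken reading: TCP connections whose *destination* port is the trigger port."""
    return [r for r in records(log) if r["PROTO"] == "TCP" and r["DPT"] == port]


if __name__ == "__main__":
    for r in connections_from_port(SAMPLE_LOG):
        print(f"review: {r['SRC']}:{r['SPT']} -> {r['DST']}:{r['DPT']}")
    print("matched by destination-port rule only:", len(connections_to_port(SAMPLE_LOG)))
```

On the sample data the two filters return disjoint sets, so a rule written from the mistaken wording flags one unrelated connection and none of the two that originate from port 421.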
