Great Circle Associates Firewalls
(March 1994) 		 
Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]
Subject: Re: Hey the crackers have a new twist 8-(.
From: Sean McLinden <sean+ @ andrew . cmu . edu>
Date: Sat, 26 Mar 1994 13:34:40 -0500 (EST)
To: firewalls @ GreatCircle . COM, "John P. Rouillard" <rouilj @ terminus . cs . umb . edu>
In-reply-to: <199403261801 . AA13155 @ cs . umb . edu>
References: <199403261801 . AA13155 @ cs . umb . edu> 
[Description of mailing a script to a shell on sendmail-based systems deleted.]

This "sort of attack" was the basis for the Morris Internet Worm which
attracted (inter)national attention a few years back (I always preferred
the term "Trojan Horse") This "feature" of sendmail and some other
Unix-based mailers was well documented and, frankly, I am astounded that
any person who collected a paycheck as a security officer for Unix
systems would not know about this. In fact, one of the ironies of the
Morris incident was that Morris used a feature which was actually well
known in the Unix community and for which the security implications were
also well known.

Sean McLinden
Follow-Ups:
References:
Indexed By Date Previous: Hey the crackers have a new twist 8-(.
From: "John P. Rouillard" <rouilj @ terminus . cs . umb . edu>
Next: Re: Hey the crackers have a new twist 8-(.
From: Brent Chapman <brent @ mycroft . GreatCircle . COM>
Indexed By Thread Previous: Hey the crackers have a new twist 8-(.
From: "John P. Rouillard" <rouilj @ terminus . cs . umb . edu>
Next: Re: Hey the crackers have a new twist 8-(.
From: ericm @ MicroUnity . com (Eric Murray)
Google
 
Search Internet Search www.greatcircle.com