Firewalls: Re: Hey the crackers have a new twist 8-(.

Firewalls
(March 1994)

Indexed By Thread: [Previous] [Next]

Subject:	Re: Hey the crackers have a new twist 8-(.
From:	Icarus Sparry <ccsis @ ss1 . bath . ac . uk>
Date:	Sat, 26 Mar 1994 20:02:44 +0000
To:	Eric Murray <ericm @ microunity . com>
Cc:	firewalls @ greatcircle . com, rouilj @ terminus . cs . umb . edu
In-reply-to:	Your message of "Sat, 26 Mar 1994 11:32:42 PST." <9403261932 . AA01649 @ angst . microunity . com>


>Um, I thought the sendmail hole the the Morris worm used was
>the infamous 'wizard' mode, where you telnetted into the sendmail port
>and typed 'wizard'.  Then sendmail just asked for a password
>and if you provided it, dropped you in to a root shell.

Nope, it was the 'debug' hole, where you can remotely set up your
own aliases, e.g. to a program consisting of

	sed '1,/^$/d' | sh

References:

Re: Hey the crackers have a new twist 8-(.
From: ericm @ MicroUnity . com (Eric Murray)

Indexed By Date	Previous:	Re: Hey the crackers have a new twist 8-(. From: ericm @ MicroUnity . com (Eric Murray)
Indexed By Date	Next:	Re: Hey the crackers have a new twist 8-(. From: Brent Chapman <brent @ mycroft . GreatCircle . COM>
Indexed By Thread	Previous:	Re: Hey the crackers have a new twist 8-(. From: ericm @ MicroUnity . com (Eric Murray)
Indexed By Thread	Next:	Re: Hey the crackers have a new twist 8-(. From: Ian Dunkin <imd1707 @ ggr . co . uk>