Bugtraq mailing list archives
More on the Java holes
From: gem () RSTCORP COM (Gary McGraw)
Date: Fri, 28 Feb 1997 16:56:04 -0500
This will be a bit of "yadda yadda" for bugtraq folk, but whatever. My posting from yesterday did not place proper emphasis on just how dangerous port scanning can be. Just for the record, port scanning is *very bad* since you might be able to discover things like weak sendmails listening on port 25. Microsoft considered the second attack enough of a problem to release a patch. MSIE users should go get it. Major Malfunction and Ben Laurie have performed a valuable service in helping to educate Web users of the risks of executable content. My posting is not meant to discredit their work, just to nip any hysteria in the bud by trying to explain what they have done clearly. Gary McGraw *------------------------------------------------------------------* | Dr. Gary McGraw gem () rstcorp com | (__) | |-----------------------------------------| (oo) | | Research Scientist | /-------\/ | | Reliable Software Technologies (RST) | / | || | | Sterling, VA | * ||----|| | | <http://www.rstcorp.com/~gem> | ^^ ^^ | *------------------------------------------------------------------*
Current thread:
- More on the Java holes Gary McGraw (Feb 28)