Bugtraq mailing list archives
Re: Fwd: Any user can panic OpenBSD machine
From: mejenn01 () STARBASE SPD LOUISVILLE EDU (Michael Jennings)
Date: Tue, 28 Jul 1998 12:49:47 -0400
On Monday, 27 July 1998, at 22:05:45 (-0600), Theo de Raadt <deraadt () CVS OPENBSD ORG> wrote:
However, this bug does not by itself provide anyone with a way to gain elevated priviledges and greater control of the system. That is what most of us normally call an 'exploit', or has the lingo changed recently?
I won't even begin to count the "exploits" which have passed across this list recently that result in no machine compromise other than simple denial of a single service. I can't understand why one would want to point fingers at this particular issue, especially in light of the fact that it deals with the DoS of the entire operating system, after so many recent examples of much tamer "exploits."
On the other hand, my guess is that people expect a whole lot of OpenBSD now, which well, is fine, we will continue to try.. but don't get too upset if a few human failings show through. I am on a few Linux developer mailing lists, and I see ways to crash Linux get discussed all the time. But I have not seen many ways to crash Linux on BUGTRAQ, so I think people expect more of us.
Don't people always expect more of those who, at least in their own minds, have more to prove? Just look at the consumer expectations of NT versus those of UNIX....
Well, I find it hard to believe that you are making that particular statement without bias. We are human, too. We make mistakes from time to time. Who knows, maybe tomorrow someone will crash your machine using such an `exploit' for your favorite operating system.
Perhaps so. And if they do, rest assured that I'll post the exploit information to BUGTRAQ. That is, after all, the whole point, isn't it? Passing information into the hands of those who need it and may be affected by it.
Black hats distribute information on how to crash systems? I thought they were concentrating on breaking root.
Then you haven't been paying attention lately. Let's see here... ping of death...NT BSOD exploits a-plenty...Exchange Server and IIS DoS attacks...Appex terminal server DoS.... I could go on for days. As much as I agree with you 99.9% of the time, I have to take issue with this one, Theo. Perhaps it hit closer to home than some, but it's still an exploit. Michael -- "Though it's been a while now, I can still feel so much pain. Like the knife that cuts you, the wound heals, but the scar, that scar remains." -- Poison, "Every Rose Has Its Thorn" ======================================================================= Michael Jennings http://www.tcserv.com/ <mej () tcserv com> Senior Systems Engineer, Synectics, Inc. http://www.synectics.com/
Current thread:
- Re: Fwd: Any user can panic OpenBSD machine, (continued)
- Re: Fwd: Any user can panic OpenBSD machine Alfred Huger (Jul 28)
- Re: Fwd: Any user can panic OpenBSD machine Perry E. Metzger (Jul 28)
- CERT Vendor-Initiated Bulletin VB-98.07 - OpenVMS.LOGINOUT (fwd) Phillip R. Jaenke (Jul 28)
- Re: Fwd: Any user can panic OpenBSD machine Timothy J Luoma (Jul 28)
- Re: Fwd: Any user can panic OpenBSD machine David Maxwell (Jul 28)
- Re: Fwd: Any user can panic OpenBSD machine Theo de Raadt (Jul 27)
- Re: Fwd: Any user can panic OpenBSD machine Kragen (Jul 28)
- Re: Fwd: Any user can panic OpenBSD machine Cy Schubert (Jul 28)
- Re: Fwd: Any user can panic OpenBSD machine Peter W (Jul 28)
- Re: Fwd: Any user can panic OpenBSD machine Kragen (Jul 28)
- Re: Fwd: Any user can panic OpenBSD machine Michael Jennings (Jul 28)
- Re: Fwd: Any user can panic OpenBSD machine Theo de Raadt (Jul 28)
- Re: Fwd: Any user can panic OpenBSD machine Michael Jennings (Jul 28)
- Re: Fwd: Any user can panic OpenBSD machine Theo de Raadt (Jul 28)
- Re: Fwd: Any user can panic OpenBSD machine Michael Jennings (Jul 28)
- Re: Fwd: Any user can panic OpenBSD machine Perry E. Metzger (Jul 28)
- Re: Fwd: Any user can panic OpenBSD machine Perry E. Metzger (Jul 27)
- Re: Fwd: Any user can panic OpenBSD machine Chris Wedgwood (Jul 27)
- Re: Fwd: Any user can panic OpenBSD machine Chris Wedgwood (Jul 27)
- Re: Fwd: Any user can panic OpenBSD machine Gert Doering (Jul 28)
- Re: Fwd: Any user can panic OpenBSD machine David Shaw (Jul 27)