funsec mailing list archives
Re: Hey old people
From: Tom Van Vleck <thvv () multicians org>
Date: Thu, 22 Dec 2005 15:27:37 -0500
On Dec 21, 2005, at 12:48 PM, Blue Boar wrote:
Valdis.Kletnieks () vt edu wrote:Certain larger models of the IBM S/360 had "imprecise interrupts" - meaning thata program check could be recognized after the instruction had alreadycompleted. This was particularly a problem on the mod 95, which had a 6-deep instructionNow you're talking! In fact, I have a reference to a vulnerability that sounds just like what you describe, but it doesn't name the OS or hardware. Do you know if the problem was *known* in '69? Do you have any kind of documentation that was written up at the time? Sounds like you know it yourself pretty well... possibly your word might qualify.Alternately, anyone have a copy of this?Goheen, S.M., and Fiske, R.S., OS/360 Computer Security Penetration Exercise, Mitre Corp., Bedford Mass., October 1972.(Christie at Mitre is supposed to be looking for us... but in case any of you have it handy, or you know... over in the university library ;) )
Wow. Bob Fiske was one of my room mates freshman year at MIT (1961). And another friend of mine dated Goheen. These are not nearly old enough though. But one gets into the question of the definition of vulnerability. e.g. it was well known that one could disable the 7094 FMS supervisor's job time limit counter and accounting by storing zero in a certainlocation in core. (No, I'm not going to say which one on an open channel.)
That was a vulnerability in a system with no memory protection where only one job was running at a time, circa 1962. A little later, there was a documented bug in CTSS where programs that increased their memory allocation size would get non-zeroed core. So a programmer in the system group wrote a little program to start small, get big, scan its new memory for passwords. Quickly got root, that is, Dick Mills's password. This would be 1965 or so. You folks have looked at Donn Parker's book, right, and you are looking for things earlier than his earliest? _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Re: Hey old people, (continued)
- Re: Hey old people Blue Boar (Dec 21)
- Re: Hey old people Roland Dobbins (Dec 21)
- Re: Hey old people Blue Boar (Dec 21)
- Re: Hey old people David Lodge (Dec 21)
- Re: Hey old people Blue Boar (Dec 21)
- Re: Hey old people Roland Dobbins (Dec 21)
- Re: Hey old people Blue Boar (Dec 21)
- Re: Hey old people Tom Van Vleck (Dec 22)
- Re: Hey old people Blue Boar (Dec 21)
- Re: Hey old people Drsolly (Dec 21)
- Re: Hey old people Valdis . Kletnieks (Dec 21)
- Re: Hey old people Tom Van Vleck (Dec 22)
- Re: Hey old people dudevanwinkle () gmail com (Dec 22)
- Re: Hey old people Blue Boar (Dec 22)
- Re: Hey old people Drsolly (Dec 22)
- Re: Hey old people Roland Dobbins (Dec 22)
- Re: Hey old people Tom Van Vleck (Dec 22)
- Re: Hey old people Roland Dobbins (Dec 21)
- Re: Hey old people Blue Boar (Dec 21)
- Re: Hey old people Jeff Kell (Dec 21)