[linux-elitists] MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434!

John S J Anderson jacobs@genehack.org
Wed Jan 29 21:41:40 PST 2003


Around Thu, Jan 30, 2003 at 05:09:45AM +0000, Karsten M. Self gave forth with:
> Graham largely supports my conclusion:  patching isn't effective
> against this kind of threat.

   For values of "this kind of threat" that equal "a flaw that can be
   exploited via a single well-crafted UDP packet, and that relies on
   yet another instance of the world's best known dumbass C coding
   mistake".

john.

-- 
When in doubt, parenthesize.  At the very least it will let some
poor schmuck bounce on the % key in vi.
             -- Larry Wall in the perl man page
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://allium.zgp.org/pipermail/linux-elitists/attachments/20030130/5bf43603/attachment.pgp 


More information about the linux-elitists mailing list