[RC5] My impatient cohorts
emperor at slic.com
Mon Mar 16 00:55:22 EST 1998
On Sun, 15 Mar 1998 23:39:13 -0600 (CST), Joe Zbiciak wrote:
>| That isn't scuttlebutt - it's a serious security hole. 13-15 place
>| "names" of bogus websites will cause the condition.
>I didn't mean to make it sound like it should be ignored. Given that
>Winsock 2.0 is in Win98, and that Microsoft is really pushing to get
>that stable, I think a patch for this bug should be available pretty
>soon. (Although I hear the bug isn't really directly in Winsock 2.0,
>and that Win98 may not be vulnerable. I take such reports with a grain
>of salt, pepper, and other choice spices. ;-)
M$ software is riddled with security holes (and outright bugs).
The problem is that it's all the 8/16b legacy code they've got in it. It's
not going to be fixed without a ground-up approach, and I don't foresee M$
doing anything more than they are now about the problems - ignore them
until enough people yell, then issue a patch that will work on machines
built during lunchtime on prime-numbered Thursdays.
If you've applied the M$ patches against Tear, NewTear, and
Teardrop2, you aren't protected against them. The patches listen on port
4000 for the dummy initiator packet. That's *it*. Change the packet
channel and you zip right past it. Sun and a couple of the Linux systems
put out patches that *work*, simply by preventing the flood condition.
BTW, don't use the M$ patch I mention above if you're on ICQ - Port
4000 is the one ICQ uses.
Roy Wilson <emperor at slic.com> <ICQ 8094267>
Lat: 44.850959 Lon: -74.40286 [+/- 6']
To unsubscribe, send 'unsubscribe rc5' to majordomo at lists.distributed.net
rc5-digest subscribers replace rc5 with rc5-digest
More information about the rc5