[RC5] Tear attack vulnerability

Roy Wilson emperor at slic.com
Mon Mar 16 07:52:15 EST 1998


On Mon, 16 Mar 1998 00:12:37 -0600 (CST), Joe Zbiciak wrote:

>| 	BTW, don't use the M$ patch I mention above if you're on ICQ - Port
>| 4000 is the one ICQ uses.
>
>Of course, from what I hear, ICQ's software makes M$ software look like
>Fort Knox, at least from a security standpoint.  :-)

	Well...  yes, but...  it's wide open for a couple of other attack
methods.  If you run the "native" 95/NT executable, the exploits will lock
you up cold or do other nasties.

	Doesn't happen under OS/2, for a couple of reasons.  #1 is that the
system actually comparmentalizes running programs.  #2 is that it's a JAVA
client, so there isn't much it can exploit other than memory
stuffing/leaking.

	If you're on ICQ (I'm 8094267) you should consider using the Java
client rather than an executable.

>On a separate note...
>
>BTW, has anyone heard anything on the vulnerability of OS/2's TCP/IP
>stack to these varied attacks?  I see Win95, *BSD, Linux, Solaris, and
>even routers mentioned all the time, but I can't remember the last time
>I've seen OS/2 mentioned.  Is it because OS/2's TCP/IP is really solid,
>or is it because nobody has cared to try these attacks against it?

	The IBM stack is solid.  ATM machines use it, so it's been looked
at inside out and upside down for security holes.



Roy Wilson <emperor at slic.com> <ICQ 8094267>
Lat: 44.850959 Lon: -74.40286 [+/- 6']



--
To unsubscribe, send 'unsubscribe rc5' to majordomo at lists.distributed.net
rc5-digest subscribers replace rc5 with rc5-digest



More information about the rc5 mailing list