Xref: utzoo comp.protocols.tcp-ip:5245 comp.unix.wizards:12221
Path: utzoo!attcan!uunet!lll-winken!lll-tis!helios.ee.lbl.gov!pasteur!ucbvax!ucsfcgl!seibel
From: seibel@cgl.ucsf.edu (George Seibel%Kollman)
Newsgroups: comp.protocols.tcp-ip,comp.unix.wizards
Subject: Re: a holiday gift from Robert "wormer" Morris
Message-ID: <11229@cgl.ucsf.EDU>
Date: 9 Nov 88 04:48:43 GMT
References: <1698@cadre.dsl.PITTSBURGH.EDU> <2060@spdcc.COM> <76424@sun.uucp> <11226@cgl.ucsf.EDU>
Reply-To: seibel@cgl.ucsf.edu.UUCP (George Seibel)
Distribution: na
Organization: UCSF Computer Graphics Lab
Lines: 13

In article <11226@cgl.ucsf.EDU> I write:

>file protections, setuid scripts and the like, and all the while, *anyone*
>with the appropriate knowledge (and apparently a lot of people had it)
>could have done *anything* they wanted to your machine!

Oops.. not *anything*, perhaps *some* things... the sendmail bug doesn't
provide root access; more likely 'daemon' or something of that sort.
One of our local hosts did have the root password cracked in the recent
worm attack, but that was due to poor choice of root password rather
than any of the myriad *other* security holes we learned about courtesy
of Mr. Morris.  My appologies for the misinformation.

George Seibel