Path: utzoo!utgpu!attcan!uunet!husc6!purdue!haven!mimsy!chris
From: chris@mimsy.UUCP (Chris Torek)
Newsgroups: comp.unix.wizards
Subject: Re: Implications of recent virus (Trojan Horse) attack
Keywords: virus security
Message-ID: <14465@mimsy.UUCP>
Date: 10 Nov 88 12:11:46 GMT
References: <1698@cadre.dsl.PITTSBURGH.EDU> <2151@ficc.uu.net> <8845@smoke.BRL.MIL>
Distribution: na
Organization: U of Maryland, Dept. of Computer Science, Coll. Pk., MD 20742
Lines: 20

In article <8845@smoke.BRL.MIL> gwyn@smoke.BRL.MIL (Doug Gwyn ) writes:
>The technical problems that were exploited were mostly sloppiness that
>nobody had reviewed and corrected in time.  We know of a few other
>similar security holes that the virus didn't try to exploit.

Well, good grief, SEND THEM TO US.  WE *WILL* FIX THEM.  This is a
large part of what comp.bugs.4bsd.ucb-fixes is about.  (Or do you mean
that they are fixed in 4.3tahoe but not other 4BSD-derived systems?)

>Try the following on your favorite remote 4BSD-based system:
>	rlogin host -l ''

I get:

	`Password:'

Obviously this one has been fixed in 4.3tahoe.
-- 
In-Real-Life: Chris Torek, Univ of MD Comp Sci Dept (+1 301 454 7163)
Domain:	chris@mimsy.umd.edu	Path:	uunet!mimsy!chris