[51910] in North American Network Operators' Group
RE: VU#210321
daemon@ATHENA.MIT.EDU (CERT(R) Coordination Center)
Tue Sep 10 11:02:02 2002
From: "CERT(R) Coordination Center" <cert@cert.org>
Reply-To: "CERT(R) Coordination Center" <cert@cert.org>
Date: Tue, 10 Sep 2002 10:53:07 -0400 .
To: "Derek Samford" <dsamford@fastduck.net>
Cc: "CERT(R) Coordination Center" <cert@cert.org>, nanog@merit.edu
In-Reply-To: <000101c258d7$7031a5b0$5201a8c0@server> from Derek Samford on
Tue, 10 Sep 2002 10:36:24 -0400
Errors-To: owner-nanog-outgoing@merit.edu
-----BEGIN PGP SIGNED MESSAGE-----
Hi, Derek.
>So right now this is a scary rumor floating around the security
>scene?
Right. Rumors for now...
>Is there any particular trace, or any further details your aware
>of?
Not at this time.
>Also, I think it Amay be safe to assume the Mac OS X/Jaguar may be
>vulnerable as well. AFAIK it runs of the BSD IP Stack, so it's more than
>likely that it is vulnerable if this exploit is in fact a reality. I'll
>keep an eye out for any suspicious traffic myself, as I'm sure will the
>rest of the list.
Thank you, we really appreciate it.
>Thanks for the warning, as if this is real, it could
>be be potentially very harmful. Any great C Coders out there start
>pouring over the code yet?
Glad to be of help. I really appreciate the feedback we get from the
NANOG community.
Thanks again,
Ian
Ian A. Finlay
CERT (R) Coordination Center
Software Engineering Institute
Carnegie Mellon University
Pittsburgh, PA USA 15213-3890
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 5.0i for non-commercial use
Charset: noconv
iQCVAwUBPX4I9aCVPMXQI2HJAQFabAQAnwkyxn2LZJ0VOv3L7RT5jwzGEy0pRL7A
FRE920tu4ys8fuaoweFp1YaiUUlVPFuoPFgFWlsHJ7uUkUVcL0T6Kzm5bzp8C5hz
QYdYjuumEj1thy/zxzzAJIsJqiLcXG0rW0iAlpaQ0X30JqH13OEHVr4Wuev0a2Pi
efDOLkEzliQ=
=dZDX
-----END PGP SIGNATURE-----
