[10840] in bugtraq
Re: IIS Remote Exploit (injection code)
daemon@ATHENA.MIT.EDU (Ethan Benatan)
Wed Jun 16 15:59:47 1999
Message-Id: <199906161909.TAA27466@antimony.cs.pitt.edu>
Date: Wed, 16 Jun 1999 19:09:42 GMT
Reply-To: Ethan Benatan <ethan+@pitt.edu>
From: Ethan Benatan <ethan+@PITT.EDU>
X-To: hoglund@IEWAY.COM
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <efa43ad4250b06288f4f709daba3a38337676a65@tripwiresecurity.com>
(message from Greg Hoglund on Wed, 16 Jun 1999 08:58:05 -0700)
>>> "Greg" == Greg Hoglund <hoglund@IEWAY.COM> writes:
Greg> I read yesterday on eEye.com that they had discovered a buffer
Greg> overflow in IIS.....
<snip>
Greg> Lastly, I would simply like to point out that monoculture
Greg> installations are very dangerous. It's a concept from
Greg> agribusiness.. if you have all one crop, and a virus comes
Greg> along that can kill that crop, you're out of business.

Very true, and this is a terrifically important message to get out.
Not to be pedantic but actually it is a concept from ecology: the
"business", as Greg puts it, can be any system. Diversity makes for
resilience, and vice versa. Okay aleph, it's not a bug but it is a
way we should be thinking.

Greg> With
Greg> almost ALL of the IIS servers on the net being vulnerable to
Greg> this exploit, we also have a monoculture. And, it's not just
Greg> IIS. The backbone of the Internet is built on common router
Greg> technology (such as Cisco IOS). If a serious exploit comes
Greg> along for the IOS kernel, can you imagine the darkness that
Greg> will fall?

Ethan
ethan+@pitt.edu