[5321] in bugtraq
underestimating crackers
daemon@ATHENA.MIT.EDU (Tim Newsham)
Thu Oct 2 20:58:21 1997
Date: Wed, 1 Oct 1997 10:02:32 -1000
Reply-To: Tim Newsham <newsham@ALOHA.NET>
From: Tim Newsham <newsham@ALOHA.NET>
To: BUGTRAQ@NETSPACE.ORG
I've noticed something frightening in recent advisories from
vendors and software writers:
In cisco's recent advisory about CHAP vulnerabilities:
> Cisco is not aware of these vulnerabilities having been exploited by "system
> crackers", nor of any publicly available exploitation code. Cisco does not
> believe that the details of the vulnerabilities are widely understood in the
> cracker community. The theoretical possibility of these vulnerabilities has,
> however, been discussed fairly openly among PPP security professionals.
In samba's recent advisory about samba overflows:
> The exploit for the security hole is very architecture specific and
> has been only demonstrated to work for Samba servers running on Intel
> based platforms. The exploit posted to the internet is specific to
> Intel Linux servers. It would be very difficult to produce an exploit
> for other architectures but it may be possible.
I hope these beliefs that the cracking community is somehow technically
inept and incapable of keeping up with the literature and overcoming
simple obstacles is not widespread. If it is, I can understand why
security is so poor and crackers are able to waltz through systems
so easily. I'm afraid these people are in for a serious wake up call.
And the sooner, the better.
Tim N.
