[9984] in bugtraq
Re: ftp exploit
daemon@ATHENA.MIT.EDU (Aleph One)
Fri Mar 26 12:09:08 1999
Date: Fri, 26 Mar 1999 10:01:22 -0800
Reply-To: Aleph One <aleph1@UNDERGROUND.ORG>
From: Aleph One <aleph1@UNDERGROUND.ORG>
X-To: duke <duke@gatekeeper.VIPER.NET.AU>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <36F75A36.DF43CE2B@viper.net.au>; from duke on Tue, Mar 23,
1999 at 09:09:11AM +0000
On Tue, Mar 23, 1999 at 09:09:11AM +0000, duke wrote:
> hi,
>
> this code i wrote demonstrated a vulnerability that is already widely known, and as indicated in the comments is
> (was) private... there is nothing to be gained from posting this here and furthermore you have *NO* right to post
> code not written by you, and not given to you by the author, but by some third rate source. All posting it here does
> is put alot more servers at an unecessary risk.
> Maybe next time you should see if its ok with the author before giving it out.
>
> (sorry about the rant aleph1, others..)
> -duke
No apology required. But as it is obvious, regardless of whether you did
not intended it to be private, the exploit has fallen into other hands.
As this is the case, and its being used to exploit the vulnerability,
everyone should have access to it, not just the hackers who are
trading it.
As everyone should know, if you want to keep something private keep it
to yourself (and even then chances are someone will find out).
--
Aleph One / aleph1@underground.org
http://underground.org/
KeyID 1024/948FD6B5
Fingerprint EE C9 E8 AA CB AF 09 61 8C 39 EA 47 A8 6A B8 01
