[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [cobalt-users] BIND vulnerability

Subject: RE: [cobalt-users] BIND vulnerability
From: "Dom Latter" <d.latter@xxxxxxx>
Date: Tue Jan 30 07:56:02 2001
List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>

Colin wrote:

> >But seriously, I'd say that us MIPSen are at less
> >risk of compromise than the Intel users.
> 
> Can you say why this is so?? I'm curious, because (to me)
> the BIND vulnerability is software and as such, (I *assume*) unrelated
> to the CPU type running on the boxen.

Firstly: I don't know as much about this as I would like to.
What follows is largely conjecture!

Once a vulnerability is identified, you then need to 
create tools to exploit it.  If the purpose of the tool 
is DoS then presumably this will not be platform-specific:
a buffer overflow leads to stack corruption and a system 
crash.

If on the other hand the aim is to *compromise* a m/c, 
by which I mean gain root access, then this would be CPU
specific - your "injected" code is going to have to be 
compiled for that CPU.

So any tools being written to take advantage of this 
vulnerability are more likey to be aimed at Intel 
machines.

Follow-Ups:
- Re: [cobalt-users] BIND vulnerability
  - From: Jeff Lasman
- [cobalt-users] RAQ3 and OS4 problem with mail
  - From: Andrew

References:
- RE: [cobalt-users] BIND vulnerability
  - From: Colin J. Raven

Prev by Date: RE: [cobalt-users] different root and admin password?
Next by Date: [cobalt-users] good web-stats program?
Previous by thread: RE: [cobalt-users] BIND vulnerability
Next by thread: Re: [cobalt-users] BIND vulnerability

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index