CERT and ISC (was: Hack-Attempt on dobag (ISC-Bugs))
Phillip M. Vogel
phillip at BARTAL.COM
Thu Apr 4 06:46:52 AEST 1991
In article <1991Apr02.041525.14582 at rfengr.com> rfarris at rfengr.com (Rick Farris) writes:
>You know, we piss and moan about the security bugs in ISC,
>but the month doesn't go by that I don't get an "URGENT
>SECURITY VIOLATION IN PROGRESS" message from CERT/CC about
>SUNs.
>
>Speaking of which, how come the ISC bug never showed up
>there?
>
Good question. I reported the bug to CERT as soon as I read about
it on the net and verified that it affected my system. The CERT
people had not heard about it yet, and said they'd get back to
me. They did call me back, and I emailed them the original
posting and also gave them a couple of names at ISC (which they
did not have already). Again they thanked me, and told me that
they did not hav a system running ISC to test with. I offered
them the use of one of my systems. They said they would be in
touch, I never heard anything further from them.
So, I don't know why we haven't heard anything from CERT. I guess
this wasn't a big enough bug for them.
--
Phillip M. Vogel, President | #include "/disclaimers/std.h"
Bartal Design Group, Inc. | Domain: phillip at bartal.com
318 Marlboro Road, Englewood, NJ 07631 | (201)567-1343 FAX:(201)568-2891
More information about the Comp.unix.sysv386
mailing list