Insecure hardware (was Re: gets(3) nonsense)
Barry Margolin
barmar at think.COM
Tue Dec 6 06:57:12 AEST 1988
In article <8308 at bloom-beacon.MIT.EDU> jik at athena.mit.edu (Jonathan I. Kamens) writes:
[Regarding the fingerd worm:]
>If the author(s) of the code had bothered to figure out the stack
>frame dimensions on the Sun, I'm sure he/she/they would have also
>figured out the necessary Sun instructions to make it work, and vice
>versa.
I don't think so. I don't think the worm knows the hardware of the
system it is trying to propogate to. If it's propogating using
machine language instructions, it needs to know the hardware. The
sendmail worm could go to either system because it transmitted a shell
script that runs on both Suns and Vaxes, which was able to look around
and determine which kind it was running on (in order to transfer and
link the correct stuff).
Barry Margolin
Thinking Machines Corp.
barmar at think.com
{uunet,harvard}!think!barmar
More information about the Comp.lang.c
mailing list