Subject: Re: Code-red worm (snicker snicker...)
To: None <firstname.lastname@example.org>
From: Steven M. Bellovin <email@example.com>
Date: 08/02/2001 14:10:29
In message <200108021806.UAA15712@rfhpc8317.fh-regensburg.de>, Hubert Feyrer wr
>In article <20010802142555.34C357B4B@berkshire.research.att.com> you wrote:
>> No -- it could have happened to any OS. It was a buffer overflow,
>> and there are lots of those on Unix systems, too. Should one be found
>> in Apache, the Net might be worse off, because Apache has so much more
>> market share than IIS does.
>On Unix, just because you can overflow a buffer doesn't mean the CPU
>can run the code you feed it.
Right. But there aren't many types of machines out there, and even
1988 worm handled multiple CPU types.
--Steve Bellovin, http://www.research.att.com/~smb