Subject: Re: Code-red worm (snicker snicker...)
To: None <>
From: Steven M. Bellovin <>
List: netbsd-users
Date: 08/02/2001 14:10:29
In message <>, Hubert Feyrer wr
>In article <> you wrote:
>> No -- it could have happened to any OS.  It was a buffer overflow, 
>> and there are lots of those on Unix systems, too.  Should one be found 
>> in Apache, the Net might be worse off, because Apache has so much more 
>> market share than IIS does.  
>On Unix, just because you can overflow a buffer doesn't mean the CPU
>can run the code you feed it. 

Right.  But there aren't many types of machines out there, and even 
1988 worm handled multiple CPU types.

		--Steve Bellovin,