Subject: Re: Code-red worm (snicker snicker...)
To: Steven M. Bellovin <smb@research.att.com>
From: Brian Hechinger <wonko@arkham.ws>
List: netbsd-users
Date: 08/02/2001 14:26:23
On Thu, Aug 02, 2001 at 02:24:30PM -0400, Steven M. Bellovin wrote:
> >> if the buffer overflow allows execution of code. So just start with "#!/bin/
> >sh"
> >> and it will run on every platform, can modify /etc/inetd.conf, HUP it, and
> >> voila, your shell on some port is open...
> >
> >you run your web server as root? then you get what you deserve. :)
> >
>
> It's worth noting that the effects of the current Code Red worm would
> be identical if it were running as "www". It spread, which requires
if you see what i quoted, i wasn't talking about code red, i was talking about
what he said about the scripts.
-brian