Don't fix that security hole - sue the finder instead (fwd)
Jerry Feldman
gaf at blu.org
Wed Jul 31 10:14:51 EDT 2002
I found that interesting. My coworker is playing around with that exploiut
now. Looking at it, it may be exploiting a hole in the chip's palcode,
which can be easily fixed with a firmware upgrade. In any case, it should
be fixable. More specifically, system calls are performed via a trap
through the palcode.
On 31 Jul 2002 at 9:33, David Kramer wrote:
> HP had a security hole in their Tru64 UNIX. The fact was
> apparently made public last year. Someone recently published
> the info, along with sample C code that exploits the hole. HP
> threatened them with DMCA prosecution and with a lawsuit.
>
> http://news.com.com/2100-1023-947325.html?tag=fd_lede
--
Jerry Feldman <gaf at blu.org>
Associate Director
Boston Linux and Unix user group
http://www.blu.org PGP key id:C5061EA9
PGP Key fingerprint:053C 73EC 3AC1 5C44 3E14 9245 FB00 3ED5 C506 1EA9
More information about the Discuss
mailing list