phillip@BARTAL.COM (Phillip M. Vogel) (04/04/91)
In article <1991Apr02.041525.14582@rfengr.com> rfarris@rfengr.com (Rick Farris) writes: >You know, we piss and moan about the security bugs in ISC, >but the month doesn't go by that I don't get an "URGENT >SECURITY VIOLATION IN PROGRESS" message from CERT/CC about >SUNs. > >Speaking of which, how come the ISC bug never showed up >there? > Good question. I reported the bug to CERT as soon as I read about it on the net and verified that it affected my system. The CERT people had not heard about it yet, and said they'd get back to me. They did call me back, and I emailed them the original posting and also gave them a couple of names at ISC (which they did not have already). Again they thanked me, and told me that they did not hav a system running ISC to test with. I offered them the use of one of my systems. They said they would be in touch, I never heard anything further from them. So, I don't know why we haven't heard anything from CERT. I guess this wasn't a big enough bug for them. -- Phillip M. Vogel, President | #include "/disclaimers/std.h" Bartal Design Group, Inc. | Domain: phillip@bartal.com 318 Marlboro Road, Englewood, NJ 07631 | (201)567-1343 FAX:(201)568-2891