[Info-vax] DCL vulnerability write up on The Register

[Stephen Hoffman]

On 2018-02-18 14:51:20 +0000, Phillip Helbig (undress to reply said:

> In article <p6c20f$jje$1 at dont-email.me>, Simon Clubley
> <clubley at remove_me.eisner.decus.org-Earth.UFP> writes:
> 
>> So basically, when you combine the two bits together, a bug in the CDU 
>> parser, combined with a lack of proper checking in DCL, has basically 
>> allowed any interactive user with shell access to totally compromise a 
>> VAX or Alpha system since the mid 1980s.
>> 
>> IMHO, things simply should not be that fragile.
> 
> True.  However, apparently no-one ever did compromise a system in the 
> way you describe.  Maybe because all who were in a position to do so  
> were wearing white hats?

Many attackers aren't known for broadcasting weaknesses they might 
find.   Various vendors silently fix bugs found, too.   Some folks will 
report vulnerabilities that they find, and some vendors will receive 
and respond to and promptly fix the bugs.   Some don't.  Some folks 
stockpile bugs.  Some folks — users or even folks at vendors — can leak 
or can sell vulnerabilities to attackers. All vendors are stuck with 
the calculation around what they can fix and what will disrupt folks 
and what they can't fix due to the expected disruptions or due to 
funding or scheduling conflicts, too.

The US National Security Agency (NSA) leaks certainly provided folks 
with some insights into how vulnerabilities and exploits arise and are 
handled, how they have been used, and how these vulnerabilities have 
been revealed and exploited.





-- 
Pure Personal Opinion | HoffmanLabs LLC