[Info-vax] What to do with my VAX.....
seasoned_geek
roland at logikalsolutions.com
Fri Nov 20 07:38:26 EST 2020
On Wednesday, November 11, 2020 at 6:08:04 PM UTC-6, Alexander Schreiber wrote:
> seasoned_geek <rol... at logikalsolutions.com> wrote:
> > On Monday, November 2, 2020 at 4:08:04 AM UTC-6, Alexander Schreiber wrote:
> >> seasoned_geek <rol... at logikalsolutions.com> wrote:
> >> > On Saturday, October 17, 2020 at 9:10:35 AM UTC-5, Bill Gunshannon wrote:
> >
> > Like the Bash security breach exploited for ~25 years before being
> > outted in public?
> To exploit bash you need to get code execution on the system in the
> first place. And nobody in their right mind wires a shell directly
> to an open socket (unless it's part of an exploit). So nobody _looks_
> for security holes in stuff that should not be security relevant
> in the first place. Until, of course, someone does ...
Or you need access to the GUEST account which was left enabled most everywhere because there where "no known vulnerabilities" in the shell and the account itself had no privs.
More information about the Info-vax
mailing list