In <9407182253.AA00326@snark.imsi.com> you write: jsz says: > > > > jsz> Perhaps > > > > What does that mean??? > > It means that it's quite likely that rpc.cmsd is vulnerable, and there is a > good chance to locate a security problem in it, which may allow you gain > access to a system from remote, another root-from-remote, if you want. If you know a hole, the purpose of Bugtraq is to describe it so that we can all make ourselves safe. If you don't know of one, please don't make us paranoid unnecessarily. While I feel the "Perhaps" answer is unneccesarily vague :-) I think we should also allow/encourage mailings that say things like: /usr/bin/frob on Frobix systems seems like it's breakable, 'cause if you give it long strings it drops core, and its setuid root; anyone found a way to really break it? Programs that run as root and don't handle large/wierd input properly are often crackable with sufficient effort (like the fingerd bugs). So I think there are situations where it's valid to say that something "probably" has a security bug, even if you haven't found a specific sequence of events that really reproduces the problem, and I think that that sort of input is valuable to this list. One could conceivably find and fix the bug before anyone comes up with the mechanism to exploit it. After all, if you can make it drop core, you may be able to make it do something far more interesting... Marc