From owner-freebsd-security Wed Jul 22 07:13:58 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id HAA05066 for freebsd-security-outgoing; Wed, 22 Jul 1998 07:13:58 -0700 (PDT) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from ns1.seidata.com (ns1.seidata.com [208.10.211.2]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id HAA05051 for ; Wed, 22 Jul 1998 07:13:47 -0700 (PDT) (envelope-from mike@seidata.com) Received: from localhost (mike@localhost) by ns1.seidata.com (8.8.8/8.8.5) with SMTP id KAA26328 for ; Wed, 22 Jul 1998 10:17:29 -0400 (EDT) Date: Wed, 22 Jul 1998 10:17:27 -0400 (EDT) From: Mike To: security@FreeBSD.ORG Subject: Re: hacked and don't know why In-Reply-To: <199807220142.VAA00776@kendra.ne.mediaone.net> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Tue, 21 Jul 1998, Drew Derbyshire wrote: > I believe the trouble has been located. I'm running a pre-2.5 version > of qpopper, which just had a CERT advisory put up on it for a buffer 'Just'? The Qpopper problems have been touted on almost every list I'm on for what seems like an eternity. This is the second-third time within the past week that I've heard people place blame for lack of security upon FreeBSD when it should have been placed elsewhere. Like stated, you're bound to get hit by the train if you keep your head stuck in a hole. Not that I don't have sympathy for individuals in cases like this, and not that I think it couldn't happen to anyone (it could!), but I just find it ironic that everytime I see blame placed so quickly, it is usually placed in the wrong place. -mike To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message