Re: Passwd encrytion

To: debian-devel@lists.debian.org
Subject: Re: Passwd encrytion
From: Daniel Martin <Daniel.Martin@jhu.edu>
Date: Sat, 20 Mar 1999 21:21:07 -0500
Message-id: <[🔎] 87lngra8h8.fsf@cush.dyn.ez-ip.net>
In-reply-to: Wichert Akkerman's message of "Sun, 21 Mar 1999 02:19:36 +0100"
References: <[🔎] Pine.LNX.4.04.9903200036360.18844-100000@trishul.kec.ernet.in> <[🔎] Pine.LNX.3.96.990319162959.32441A-100000@wm7-214.resnet.wm.edu> <[🔎] 19990321021936.B25089@cs.leidenuniv.nl>

Wichert Akkerman <wichert@cs.leidenuniv.nl> writes:

> [1  <text/plain; us-ascii (quoted-printable)>]
> Previously Brandon Mitchell wrote:
> > It would be crazy to try to decrypt the passwords when it's so easy to
> > exploit simple buffer overflows like the following one:
> > 
> > echo "I jnag gb penpx ebbg.  Pyrnfr erzbir zl nppbhag." | tr n-za-m a-z |
> > mailx root
> 
> Now before people start mailing security@debian.org suddenly: this
> overflow has already been fixed.

Wouldn't it be more accurate to say that this exploit is
self-correcting?

I like it, though - I'm going to have to file that answer away as a
standard response to the script-kiddies...

Reply to:

References:
- Passwd encrytion
  - From: vineet punetha <vineet@trishul.kec.ernet.in>
- Re: Passwd encrytion
  - From: Brandon Mitchell <bmitch@atdot.org>
- Re: Passwd encrytion
  - From: Wichert Akkerman <wichert@cs.leidenuniv.nl>

Prev by Date: Slink to potato upgrade
Next by Date: Re: If Debian wants to grow, let it grow. Or: King James reading Anarchy FAQ
Previous by thread: Re: Passwd encrytion
Next by thread: FWD: [analog-announce] WARNING: Webtechs porn hack: and other news
Index(es):
- Date
- Thread