Xref: utzoo news.admin:4089 news.sysadmin:1698 comp.mail.uucp:2367 Path: utzoo!utgpu!watmath!clyde!att!osu-cis!tut.cis.ohio-state.edu!unmvax!ncar!gatech!mcnc!ece-csc!ncrcae!ncrlnk!uunet!mcvax!ukc!stl!dww From: dww@stl.stc.co.uk (David Wright) Newsgroups: news.admin,news.sysadmin,comp.mail.uucp Subject: Re: Dangerous hole in Usenet! Message-ID: <871@acer.stl.stc.co.uk> Date: 27 Nov 88 11:06:34 GMT References: <1227@vsi1.UUCP> Reply-To: dww@acer.UUCP (David Wright) Organization: STL,Harlow,UK. Lines: 29 In article <1227@vsi1.UUCP> lmb@vsi1.UUCP (Larry Blair) writes: #It has come to my attention the there is a MAJOR hole (in news) #Larry Blair ames!vsi1!lmb lmb%vsi1.uucp@ames.arc.nasa.gov In a later article Larry notes that only 1% of sites have mailed him to ask about it. I wonder how many have actually done so, but not got to him? I've tried 3 times now: once to lmb@vsi1.uucp, once to the address in his sig (via ames), and once to an address made out of his Path converted to % form. All three bounced from either ames or from altnet with 'bad system name', e.g. From uucp@altnet.uucp Sat Nov 26 17:09:53 1988 Message-Id: <8811250354.AA04728@altnet.ALTOS.COM> ======= command failed ======= COMMAND: /usr/bin/uux -auunet!mcvax!stl.stc.co.uk!dww -r - vsi1!rmail '(lmb)' ======= standard error follows ======= bad system name: vsi1 uux failed ( 11 ) So is there a problem in getting mail to Larry, or what? Larry, if you read this please send your warning to news@stl.stc.co.uk and also check whether there are problems with mail to your site. I'll copy it on to the UK security list if you like (the 'world' one being strangely silent since the message saying it would restart soon). Thanks. -- Regards, "Are you sure YOUR password won't appear in RTM's next list?" David Wright STL, London Road, Harlow, Essex CM17 9NA, UK dww@stl.stc.co.uk...uunet!mcvax!ukc!stl!dww PSI%234237100122::DWW