Critical security handled critically

Josh's Blog

Monday, December 13. 2010

Critical security handled critically

Last week there was an Exim 0day flaw found in the wild. This hasn't happened to something this widely used in quite a long time. It's worth pointing out that all the right folks came together to get this fixed in an amazing amount of time. They did a great job and deserve a lot of credit. This could have been a lot worse than it was.

Upstream sent this message giving a pretty good run down of events.

Their openness is certainly the best way to have handled this. If you treat security like a PR problem, it becomes a PR problem.

The short story is that on December 7, a vigilant sysadmin (Sergey Kononenko) noticed a compromised server, and luckily grabbed a dump of the data. It wasn't widely noticed for about two days. During this time investigation began. Here is where open source showed its real power. When the folks investigating were having issues, they started asking other community folks to help, this eventually made its way to various vendors. Everyone brought a different piece to the puzzle, and the next day the problem was understood, and vendors started to patch their copies of Exim. It turned out upstream had fixed the issue quite some time ago.

It's not uncommon for emergencies to go horribly wrong, but when the right people do the right things, things can work nicely.
Posted by Josh Bressers in Security at 21:07 | Comment (1) | Trackbacks (0)
Twitter Facebook Bookmark Critical security handled critically at reddit.com

Trackbacks
Trackback specific URI for this entry

No Trackbacks

Comments
Display comments as (Linear | Threaded)

Calling it "0day" is a little sensationalist. The latest relase of Exim is not remotely vulnerable (as you note), but the distro maintainers didn't either update to it or back-port the security patches.

That said, I agree a lot of people behaved responsibly :-)

Exim is a wonderful piece of software, and I hope its reputation isn't tarnished by the last week's events.
#1 Bernie on 2010-12-14 03:01 (Reply)

Add Comment

Enclosing asterisks marks text as bold (*word*), underscore are made via _word_.
Standard emoticons like :-) and ;-) are converted to images.

To prevent automated Bots from commentspamming, please enter the string you see in the image below in the appropriate input box. Your comment will only be submitted if the strings match. Please ensure that your browser supports and accepts cookies, or your comment cannot be verified correctly.
CAPTCHA

BBCode format allowed
 
 

Calendar

Back May '13
Sun Mon Tue Wed Thu Fri Sat
      1 2 3 4
5 6 7 8 9 10 11
12 13 14 15 16 17 18
19 20 21 22 23 24 25
26 27 28 29 30 31  

Twitter


Quicksearch

Archives

Categories



All categories

Syndicate This Blog

Blog Administration

Open login screen

Powered by

Serendipity PHP Weblog