From: Jeff Shultz 

On Thu, 04 Mar 2004 06:27:16 -0500, Geo. wrote:

> "Jeff Shultz"  wrote in message
> news:pan.2004.03.03.15.06.20.177532{at}shultzinfosystems.com...
>
>> So the hole only exists if DS is installed? It's a DS exploit.
>
> That's a fair statement, but since DS is part of W2Ks, then it is also a
> W2Ks exploit, no? It's on the CD, the cd is flawed.
>
If the exploit doesn't exist in the absence of DS, then it's not a W2K
exploit, is it? Esp. if DS on WinXPs also has the exploit (no information).

>> Except somewhere there should be a dividing line between an application
>> (GAIM) and something integrated into the Operating System (IE) when
>> defining what an exploit is called.
>
> You can call it a GAIM exploit, but since GAIM is also part of RH then
> it's also a RH exploit.
>
GAIM is a standalone app. Take the same binary and it'll compile on pretty
much any distribution - therefore the exploit is not unique to RH. It is
however unique to GAIM. Unless there is something I've missed and the GAIM
exploit is due to an RH-written and RH-only tweak that would not be found
in another distro.

> It's like the recent zip folder exploit, I view it as an XP exploit.

Aren't zip folders a "feature" of XP and authored by MS? Yes? Can
they be run on Win2k? No?

Then yes, it's an XP exploit if they are built into (and not particularly
removable from) the OS.

But if this were Stardock's SpringFolders (not even a similar product),
then it would be a SF exploit... unless the exploit was actually due to a
whole in the underlying OS that could have also been opened by other
programs. Then it's an OS exploit again.

Care for another spin on the carousel?

--- BBBS/NT v4.01 Flag-5