Embarrassing that some actually consider that a security flaw. Except for the title, that article does not mention any security flaws or any other problems related to the host. The article describes some evident functionality - how to solve a technical challenge by FTP + JCL. To consider this a backdoor is plainly silly. Why worry? The security guys will come with that stuff printed out and ask if we are affected or not by this vulnerability :)
My 50c Costin -----Original Message----- From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf Of John McKown Sent: 18 May 2013 22:17 To: IBM-MAIN@LISTSERV.UA.EDU Subject: Rather interesting article on "hacking the mainframe" using ftp http://mainframed767.tumblr.com/post/50574743147/big-iron-back-door-maintp-p art-two basically the person must be able to ftp into a UNIX subdirectory and to submit a job. They upload a program called "netcat" into a data set starting with their RACF id. They then submit a job which copies the data set into the /tmp subdirectory with a "random" name, chmod the name to be executable, then executes does starts the netcat in the "background" (asynchronous to the batch job) and piping to/from the z/OS UNIX shell. The "hacker" simply connects to the port that netcat is listening on, and presto, they have a shell on their desktop. -- This is a test of the Emergency Broadcast System. If this had been an actual emergency, do you really think we'd stick around to tell you? Maranatha! <>< John McKown ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
