That's what the Danish "security" company
Secunia asserts. Since I already had to do with Secunia, I can tell you one thing: Secunia is trying to make as much publicity as possible, with as many security advisories as possible. In my case, they asked me about a minor fault in MySQL authentication of
akpop3d that could have probably led to an incorrect login (an SQL injection that would have led to another record returned than desired, but the attacker still would have to know the other record's password) which I mentioned in akpop3d's change log. I told them what the actual problem was, and that the vulnerability is
verytheoretical.
A few days later, they issued a
security advisory. And it
contained exactly the information that I gave to them! And they make money off this service, by informing people about this "security hole". My case is only an example, but most of their advisories look this way. I wonder whether they counted this advisory as "Linux" security hole in one of their statistics, solely because akpop3d runs on Linux (and FreeBSD, and OSX, and a few more).
This is so ridiculous. What is even more ridiculous are all the trolls in the
ORF FutureZone forum.
ts Kiddies. All the losers complaining that OS/400, z/OS, Trusted Solaris (muhahahaha) and whatnot were all soooo much more secure than Windows, Linux, OSX and everything have no f*cking clue.