exploit for CERT advisory CA-98.11?

From: Scott Cromar (cromarat_private)
Date: Fri Sep 18 1998 - 08:47:17 PDT

Next message: Seth McGann: "Defeating (or at least confusing) neped.c"

Previous message: Simple Nomad: "NMRC Advisory - Default NDS Rights"
Next in thread: Shawn Hernan: "Re: exploit for CERT advisory CA-98.11?"
Reply: Shawn Hernan: "Re: exploit for CERT advisory CA-98.11?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Several of our Solaris 2.6 systems appear to be under attack using whatever
exploit prompted CERT advisory CA-98.11.  As near as I can tell, turning
off stack executability appears to be protecting us from the attack, though
core files are generated each time.  (The core files have been forwarded
to Sun.)  According to Sun the patches 105802-06 and 104489-08 do not
resolve the buffer overflow problem with rpc.ttdbserverd.

For my own sanity, I would appreciate it if someone would forward me the
exploit that prompted CA-98.11.  I would like to test our systems for this
vulnerability.

--Scott

Next message: Seth McGann: "Defeating (or at least confusing) neped.c"
Previous message: Simple Nomad: "NMRC Advisory - Default NDS Rights"
Next in thread: Shawn Hernan: "Re: exploit for CERT advisory CA-98.11?"
Reply: Shawn Hernan: "Re: exploit for CERT advisory CA-98.11?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:16:40 PDT