Vulnerability in Solaris 2.6. rpc.statd ?

From: Bob Todd (toddrat_private)
Date: Sat Aug 21 1999 - 09:31:18 PDT

Next message: David LeBlanc: "Re: FW: DCOM attack against NT using VB6"

Previous message: Kerb: "FrontPage Personal Web Server"
Next in thread: Bob Todd: "Re: Vulnerability in Solaris 2.6. rpc.statd ?"
Reply: Bob Todd: "Re: Vulnerability in Solaris 2.6. rpc.statd ?"
Reply: mb: "Re: Vulnerability in Solaris 2.6. rpc.statd ?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

While performing an on-site incident response at
_______, I found several
Solaris-oriented exploit programs including a
statd2.6 (others were calendar
manager, tooltalk, and lockd?).  Since there is an
exploit program for statd on
 Solaris 2.6, I could conclude that Solaris 2.6
statd is vulnerable to attack.  I
have not tried the exploit, but since the machine
was probably compromised
by one of these programs, the threat seems real!!
______________________________________________
Bob and Ann Todd
Advanced Research Corporation
Office:       (703) 938-4385
Mobile:       (703) 203-0855
www.arc.com

Next message: David LeBlanc: "Re: FW: DCOM attack against NT using VB6"
Previous message: Kerb: "FrontPage Personal Web Server"
Next in thread: Bob Todd: "Re: Vulnerability in Solaris 2.6. rpc.statd ?"
Reply: Bob Todd: "Re: Vulnerability in Solaris 2.6. rpc.statd ?"
Reply: mb: "Re: Vulnerability in Solaris 2.6. rpc.statd ?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:58:06 PDT