All, At 22:29 26/04/98 -0700, you wrote: >On Sun, 26 Apr 1998, Rama Kant wrote: >> As far as the DOD's sites are concerned, there is a rumor that one of the >> Solaris vulnerability was exploited. >> Does anyone know of any details of the exploited Solaris vulnerability? > >Is it still a rumor? I read (forget where, perhaps here) that the bug was >in statd. Does statd ever run without NFS? Were they really running NFS >on an Internet-connected host? The only place I remember seeing this was:- http://www.wired.com/news/news/technology/story/10737.html Though that webpage does state it was announced on the bugtraq mailing list first. -- Nick Drage, Sysadm, Smartways Technology. ( nickd@ for personal email - thank you )
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 12:57:03 PDT