Cark & snmpXdmid

From: Alfred Huger (ahat_private)
Date: Wed Apr 18 2001 - 07:04:10 PDT

Next message: Bill Borton: "Re: Does anyone recognize this?"

Previous message: Daniel Martin: "Re: Does anyone recognize this?"
Next in thread: Shoten: "Re: Cark & snmpXdmid"
Reply: Shoten: "Re: Cark & snmpXdmid"
Reply: Alfred Huger: "Re: Cark & snmpXdmid"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Heya folks,

As was noted earlier the Cark DDoS agent is spreading via snmpXdmid:

Solaris snmpXdmid Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/2417

So obviously, there is an exploit in the wild for the this and it's
getting a fair bit of play - does anyone have a packet capture if this in
action or perhaps an actual exploit?

Cheers,
-al



VP Engineering
SecurityFocus.com
"Vae Victis"

Next message: Bill Borton: "Re: Does anyone recognize this?"
Previous message: Daniel Martin: "Re: Does anyone recognize this?"
Next in thread: Shoten: "Re: Cark & snmpXdmid"
Reply: Shoten: "Re: Cark & snmpXdmid"
Reply: Alfred Huger: "Re: Cark & snmpXdmid"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Wed Apr 18 2001 - 08:16:23 PDT