rpc.statd root on a Redhat 7.0 box....

From: Anthony Baratta (Anthonyat_private)
Date: Tue Sep 25 2001 - 19:32:29 PDT

Next message: Nicole Haywood: "Re: Tracking down the still infected hosts"

Previous message: Paul Tan: "Re: Hacked using vulnerable FTP daemon. -- next steps"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I'm cleaning up a box that was rooted by a rpc.statd exploit. According to 
what I've been able to find out, Redhat 7.0 should not have been vulnerable 
to the exploit. I can only find information about Redhat 6.x being vulnerable.

Anyone verify or debunk this?
---
Anthony Baratta
President
Keyboard Jockeys

"Conformity is the refuge of the unimaginative."


----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

Next message: Nicole Haywood: "Re: Tracking down the still infected hosts"
Previous message: Paul Tan: "Re: Hacked using vulnerable FTP daemon. -- next steps"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Tue Sep 25 2001 - 22:50:10 PDT