Solaris systems attacked via the recent RPC/XDR integer overflow may record errors similar to the following: Mar 9 12:41:35 dummy rpcbind: xdrmem_getbytes: Incoming data too large, Mar 9 13:43:54 dummy rpcbind: rpcbind terminating on signal. Mar 9 13:44:59 dummy rpcbind: xdrmem_getbytes: Incoming data too large, Mar 9 13:45:32 dummy rpcbind: xdrmem_getbytes: Incoming data too large, The vulnerability is described at http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/51884 and http://www.cert.org/advisories/CA-2003-10.html cheers -- tbird -- "I knew it! I knew it! Well, not in the sense of having the slightest idea, but I knew there was something I didn't know." -- Willow, from "Buffy the Vampire Slayer" http://www.shmoo.com/~tbird Log Analysis http://www.loganalysis.org VPN http://vpn.shmoo.com _______________________________________________ LogAnalysis mailing list LogAnalysisat_private http://lists.shmoo.com/mailman/listinfo/loganalysis
This archive was generated by hypermail 2b30 : Mon Mar 24 2003 - 17:30:32 PST