Bugtraq archives for 3rd quarter (Jul-Sep) 1994: RPC protocol problem?

RPC protocol problem?

Baba Z Buehler (babaph-meter.beckman.uiuc.edu)
Tue, 23 Aug 1994 00:39:23 -0500

I just read a post in comp.security.unix entitled "widespread security hole
in exporting of filesystems" which claims there are ways to break into a 
system that has filesystems exported to itself.

Does anyone know anything about this?  The post said "the trick is to make
RPC requests via the portmapper, in such a way that they appear to the mount
daemon to be coming from within the host itself."

The post mentions a program that is "out there" to exploit this hole.  If
anyone has any knowledge of this, could you please post instructions on how
to test for this.

thanks,
--
# Baba Z Buehler
# Beckman Institute Systems Services, Urbana Illinois
#
#  "How come that big box of bright ideas you sent
#   me is the one they say fell off the truck?"  -- Butch Hancock
#
# WWW: http://www.beckman.uiuc.edu/groups/biss/people/baba/
# PGP Public Key available via finger bababeckman.uiuc.edu