Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
Re: RPC protocol problem?jsz (jszramon.bgu.ac.il)
Thu, 25 Aug 94 3:33:25 IDT
- Messages sorted by: [ date ][ thread ][ subject ][ author ]
- Next message: jsz: "Re: RPC protocol problem?"
- Previous message: Pat Myrto: "Re: RPC protocol problem?"
- In reply to: Eric Conrad: "Re: RPC protocol problem?"
- Next in thread: Rafi Sadowsky: "Re: RPC protocol problem?"
> > > I don't have an exploit script, but replacing your portmap with > > Wietse's would probably not hurt. Heres the blurb: > > I can Wietse's portmapper easily under SunOS, but other > architectures (Solaris, Irix, etc.) will not cooperate. > > Does anyone have any diffs or porting info? I'll post a summary. > rpcbind "plays" role of portmapper on Solaris 2.X, and there is a secure version of it, ftp.win.tue.nl:/pub/security, rpcbind on Solaris 2.X also allows you to steal filehandes; mount daemon doesn't do reserved port checking, and once a directory is exported to the host itself you can steal the filehandle. I don't know of any security problem in IRIX 4.X portmapper, perhaps in 5.2?