OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
Bugtraq archives for 4th quarter (Oct-Dec) 1996: Re: BoS: SOD remote exploit

Re: BoS: SOD remote exploit

Helmut Springer (deltaRUS.Uni-Stuttgart.DE)
Mon, 14 Oct 1996 20:55:19 +0200 

-----BEGIN PGP SIGNED MESSAGE-----

hi,

Erik Fichtner wrote:
> Anyone know what this port 5556 belongs to?  /etc/services doesnt
> have an entry for it.
HP Remote Watch, /usr/remwatch. from the README of a 9.03A:

On the Series 300/400/700, HP Remote Watch is provided as a
separate product.  On the Series 800, HP Remote Watch is one
of two subsystems which comprise the HP Support Watch product;
the other subsystem is HP Predictive Support.  HP Predictive
Support is not available on the Series 300/400/700.

$ grep 5556 /etc/services
rwdaemon    5556/tcp                #  HP REMOTEWATCH DAEMON
$ grep rwdaemon /etc/inetd.conf
rwdaemon stream tcp  nowait  root  /usr/remwatch/bin/rwdaemon rwdaemon

and yes, on that machine it works. they could've put a ksh on that
port  8(

enjoy
  delta

- --
helmut 'delta' springer             Unix/Net Consulting, InfoSystems, StudBox
deltaRUS.Uni-Stuttgart.DE                          Stuttgart University, FRG
http://home.pages.de/~delta/
phone : +49 711 685-2003                    If you've got to do it,
FAX   : +49 711 685-2043                      do it with cold blood...

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv

iQCVAwUBMmKMlkIBUTWGT7StAQHbzAP8DtAQjuGeXBYqgbkfCAFy+1D+GcJH3Kwn
PzZmpZFzM7NzVoGGiX/BgSEnHXGuriYH9usR73VvV8yqTk+wed8W1jGUy8E6GBsm
z8ggC4jF5eAt9JXa5RXe8z7M6iX5+ujtKZoiCvj/lEBzKTn/wfKlG0CzntFhLMY+
IL+DbFKmvoM=
=HmQa
-----END PGP SIGNATURE-----