Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Bugtraq> 1998_3

Bugtraq archives for 3rd quarter (Jul-Sep) 1998: exploit for CERT advisory CA-98.11?

exploit for CERT advisory CA-98.11?

Scott Cromar (cromarPHOENIX.PRINCETON.EDU)
Fri, 18 Sep 1998 11:47:17 -0400

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Seth McGann: "Defeating (or at least confusing) neped.c"
Previous message: Simple Nomad: "NMRC Advisory - Default NDS Rights"
Next in thread: Shawn Hernan: "Re: exploit for CERT advisory CA-98.11?"

Several of our Solaris 2.6 systems appear to be under attack using whatever
exploit prompted CERT advisory CA-98.11.  As near as I can tell, turning
off stack executability appears to be protecting us from the attack, though
core files are generated each time.  (The core files have been forwarded
to Sun.)  According to Sun the patches 105802-06 and 104489-08 do not
resolve the buffer overflow problem with rpc.ttdbserverd.

For my own sanity, I would appreciate it if someone would forward me the
exploit that prompted CA-98.11.  I would like to test our systems for this
vulnerability.

--Scott

Next message: Seth McGann: "Defeating (or at least confusing) neped.c"
Previous message: Simple Nomad: "NMRC Advisory - Default NDS Rights"
Next in thread: Shawn Hernan: "Re: exploit for CERT advisory CA-98.11?"