|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Vulnerability in Solaris 2.6. rpc.statd ?
Bob Todd (toddr
ARC.COM)
Sat, 21 Aug 1999 12:31:18 -0400
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
- Next message: David LeBlanc: "Re: FW: DCOM attack against NT using VB6"
- Previous message: Michael: "Winamp SHOUTcast server: Gain Administrator Password"
- Next in thread: Bob Todd: "Re: Vulnerability in Solaris 2.6. rpc.statd ?"
- Reply: Bob Todd: "Re: Vulnerability in Solaris 2.6. rpc.statd ?"
While performing an on-site incident response at
_______, I found several
Solaris-oriented exploit programs including a
statd2.6 (others were calendar
manager, tooltalk, and lockd?). Since there is an
exploit program for statd on
Solaris 2.6, I could conclude that Solaris 2.6
statd is vulnerable to attack. I
have not tried the exploit, but since the machine
was probably compromised
by one of these programs, the threat seems real!!
______________________________________________
Bob and Ann Todd
Advanced Research Corporation
Office: (703) 938-4385
Mobile: (703) 203-0855
www.arc.com
- Next message: David LeBlanc: "Re: FW: DCOM attack against NT using VB6"
- Previous message: Michael: "Winamp SHOUTcast server: Gain Administrator Password"
- Next in thread: Bob Todd: "Re: Vulnerability in Solaris 2.6. rpc.statd ?"
- Reply: Bob Todd: "Re: Vulnerability in Solaris 2.6. rpc.statd ?"
This archive was generated by hypermail 2.0b3 on Mon Aug 23 1999 - 20:45:20 CDT