Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
Subject: Re: portmap
From: Wietse Venema (wietseporcupine.org)
Date: Thu Jul 27 2000 - 07:44:09 CDT
- Next message: Dustin D. Trammell: "Re: Slackware 7.0"
- Previous message: Olaf Kirch: "Re: /var/lock permissions"
- In reply to: Olaf Kirch: "portmap"
- Next in thread: Olaf Kirch: "Re: portmap"
- Reply: Wietse Venema: "Re: portmap"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Well, one could DOS the system by claiming all low ports so no new
rpc server can register.
For that matter, one could DOS the portmapper by registering all
I am seriously considering to bury some of my software such as satan,
portmap and rpcbind, and to put my efforts into other projects such
as the mailer.
> Hi all,
> here's another portmap glitch I came across.
> The current portmapper does incomplete sanity checking on the
> ports you register. As a non-root user, you're not allowed
> to register services on ports < 1024. You can however register
> services on port + 65536.
> I cannot see any immediate exploit of this problem, so here's
> the demo program.
> I've now uploaded my smallrpc library and the patched portmapper
> to linux.mathematik.tu-darmstadt:/pub/linux/people/okir/dontuse:
> dd897fc3ff57b9f8d19dd3220f94c7fc smallrpc-0.1.tar.gz
> 53cca86b5d6fab840ba8ffff59ccafe8 portmap-5safer.tar.gz
> If the smallrpc library proves to be stable and passes an audit,
> I'll start porting other rpc daemons to it as well.
> Olaf Kirch | --- o --- Nous sommes du soleil we love when we play
> okirmonad.swb.de | / | \ sol.dhoop.naytheet.ah kin.ir.samse.qurax
> okircaldera.de +-------------------- Why Not?! -----------------------
> UNIX, n.: Spanish manufacturer of fire extinguishers.
[application/pgp-signature is not supported, skipping...]