Bugtraq mailing list archives

RPC protocol problem?


From: baba () ph-meter beckman uiuc edu (Baba Z Buehler)
Date: Tue, 23 Aug 1994 00:39:23 -0500


I just read a post in comp.security.unix entitled "widespread security hole
in exporting of filesystems" which claims there are ways to break into a 
system that has filesystems exported to itself.

Does anyone know anything about this?  The post said "the trick is to make
RPC requests via the portmapper, in such a way that they appear to the mount
daemon to be coming from within the host itself."

The post mentions a program that is "out there" to exploit this hole.  If
anyone has any knowledge of this, could you please post instructions on how
to test for this.

thanks,
--
# Baba Z Buehler
# Beckman Institute Systems Services, Urbana Illinois
#
#  "How come that big box of bright ideas you sent
#   me is the one they say fell off the truck?"  -- Butch Hancock
#
# WWW: http://www.beckman.uiuc.edu/groups/biss/people/baba/
# PGP Public Key available via finger baba () beckman uiuc edu
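
One way to check for the condition the message asks about, a host whose export list admits the host itself, as an added example that is not part of the original post. It assumes Linux-style exports(5) syntax rather than the 1994-era format; the function names and the sample file are constructed for illustration.

```python
import re

# Names that always refer to the exporting host itself.
LOOPBACK = {"localhost", "127.0.0.1", "::1"}

def parse_exports(text):
    """Yield (path, [clients]) from Linux-style exports(5) text (assumed format)."""
    text = text.replace("\\\n", " ")              # join continuation lines
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()      # drop comments
        if not line:
            continue
        fields = line.split()
        path, clients = fields[0], []
        for field in fields[1:]:
            name = re.sub(r"\(.*\)$", "", field)  # strip "(rw,...)" options
            clients.append(name or "*")           # bare "(opts)": treated as any host
        yield path, clients or ["*"]              # no client list: treated as any host

def self_exports(text, own_names):
    """Return [(path, client)] for entries that admit the exporting host.

    Only exact names are matched; wildcard patterns, netgroups and
    network ranges are not expanded and need a manual look.
    """
    own = LOOPBACK | {n.lower() for n in own_names}
    findings = []
    for path, clients in parse_exports(text):
        for client in clients:
            if client == "*" or client.lower() in own:
                findings.append((path, client))
    return findings

# Constructed sample, not taken from any real system.
SAMPLE = """\
# constructed example exports file
/home      client1.example.org(rw) localhost(rw)
/usr/local fileserver.example.org(ro)
/scratch
/export    client2.example.org(rw) \\
           127.0.0.1(rw,no_root_squash)
"""

if __name__ == "__main__":
    for path, client in self_exports(SAMPLE, ["fileserver.example.org"]):
        print(f"{path}: exported to {client}")
```

Pass the server's own hostnames and addresses as `own_names`; any finding is an export entry to tighten or remove.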


