Bugtraq mailing list archives

Re: portmapper dangers

From: wietse () wzv win tue nl (Wietse Venema)
Date: Fri, 5 Jul 1996 05:50:03 -0400


Here's a suggestion.  Why not pass on my comments to "deep throat" and
ask for his or her comments?

The claimed holes (set/unset from outside, unprivileged set/unset of
privileged ports) are already adressed in version 1 of my portmapper.

This makes me very curious about "deep throat"'s evidence for holes
in my program. Especially when they are announced on a public forum.

If there is a problem in my software I will fix it. I released this
program to protect my university's systems, and I have no desire to
hide any vulnerabilities under the rug.

        Wietse

Current thread:

Re: portmapper dangers Thomas H. Ptacek (Jun 30)
- <Possible follow-ups>
- Re: portmapper dangers der Mouse (Jul 01)
- Re: portmapper dangers Wietse Venema (Jul 04)
- Re: portmapper dangers Wietse Venema (Jul 05)