Bugtraq mailing list archives
Re: Forwared to me
From: tsoome () UT EE (Toomas Soome)
Date: Sat, 11 Jul 1998 00:44:58 +0300
On Thu, 9 Jul 1998, Raymond Medeiros wrote:
I would have to only completely agree with you. This fix which was contained in the ISS security announcement was indeed very weak. My suggestion was to at the very least deny access to finger requests from the outside. This attack really isn't that bad however I have been able to take out a machine on my own subnet using a simple perl script. In reality it doesn't appear to be more of a threat than a ping flood. I have also looked into using it as part of the beginning to a spoofing attack (under controlled conditions of course) and it has no apparent value. Never the less it should be brought to everyones attention as it is such a simple implementation and just one more reason to be suspicious of the use of yp.
ok, there MAY be some problems with it, but I think real answer for such problems is cacheing. I once wrote a little fix for some public finger to improve it's working speed with NIS+ - full table listings with NIS+ are quite bad thing in terms of perfomance. So finger will check if it's cache is fresh enough, if yes, all data will come fom cache, if not, finger will update cache.... sources are in ftp.ut.ee/pub/unix/sun/Solaris/soft/finger/, if anybody will interest... I will not quarantee anything... toomas soome Tartu University, Estonia -- My way of joking is to tell the truth. That's the funniest joke in the world. -- Muhammad Ali
Current thread:
- Re: ncurses 4.1 security bug, (continued)
- Re: ncurses 4.1 security bug Wietse Venema (Jul 12)
- Seattle Lab fixes security issue in SLmail Aleph One (Jul 12)
- Re: ncurses 4.1 security bug David Schwartz (Jul 09)
- sshd gives out version number Tom Dyas (Jul 09)
- Forwared to me Raymond Medeiros (Jul 08)
- Re: Forwared to me Solar Designer (Jul 09)
- Remote count.cgi exploit mods _ _ (Jul 09)
- Re: Remote count.cgi exploit mods Gus (Jul 11)
- Re: Forwared to me Raymond Medeiros (Jul 09)
- socks5 1.0r5 buffer overflow.. Zach Brown (Jul 10)
- Re: Forwared to me Toomas Soome (Jul 10)
- Re: Forwared to me Michael H. Warfield (Jul 13)
- Re: Forwared to me Raymond Medeiros (Jul 13)
- Re: Forwared to me Toomas Soome (Jul 13)
- Re: Forwared to me Michael H. Warfield (Jul 13)
- Re: Forwared to me Jason Downs (Jul 13)
- Re: Forwared to me Illuminatus Primus (Jul 13)
- Netware 4.x Attack Tool Announcement Simple Nomad (Jul 13)
- Re: ncurses 4.1 security bug Pavel Kankovsky (Jul 09)