Bugtraq mailing list archives

Re: sadmind exploits (remote sparc/x86)

From: techs () OBFUSCATION ORG (Erik Fichtner)
Date: Fri, 10 Dec 1999 18:41:27 -0500


If you want to be a little less appetizing to the bear than the other guy
until Sun coughs up a sadmind patch (if you're one of the unlucky sites
that has a need for it), get thee hence to

        ftp://ftp.porcupine.org/pub/security/rpcbind_2.1.tar.gz

and replace the rpcbind on your solaris2 system with Weitse's tcpwrapped
version.

        It will NOT stop the buffer overflow in sadmind by any means,
but it will stop this particular exploit script from being used by those
who cannot fix the code to not ask portmapper for the sadmind port.

(of course, since it's 18:45 EST on a friday, I imagine someone will post
a version that does direct-to-sadmind-port poking well before monday a.m.)

--
Erik Fichtner; Warrior SysAdmin (emf|techs)                       34.9908%
http://www.obfuscation.org/~techs      N 38 53.055'  W 77 21.860'  764 ft.
       "What's the most effective Windows NT remote management tool?"
          "A car."  --  Stephen Northcutt

Current thread:

sadmind exploits (remote sparc/x86) Marcy Abene (Dec 10)
- Re: sadmind exploits (remote sparc/x86) Erik Fichtner (Dec 10)
  - Re: sadmind exploits (remote sparc/x86) Lamont Granquist (Dec 10)
    - Irix and TCP implementation TeSd (Dec 10)
    - 64bit Sol7 on Ultra1 < 200mhz bug Jake Luck (Dec 11)
    - VDO Live Player 3.02 Buffer Overflow UNYUN (Dec 12)
    - ssh-1.2.27 exploit Jarek Kutylowski (Dec 13)
    - Re: ssh-1.2.27 exploit Iván Arce (Dec 13)
    - Re: ssh-1.2.27 exploit Beto (Dec 15)
    - FreeBSD 3.3 xsoldier root exploit Brock Tellier (Dec 15)
    - Xsoldier xploit (was: FreeBSD 3.3 xsoldier root exploit) Spidey (Dec 15)
    - BindView Security Advisory: Vulnerability in Windows NT's SYSKEY feature BindView Security Advisory (Dec 16)

(Thread continues...)