Bugtraq mailing list archives
Re: SUN almost has a clue! (automountd)
From: Oliver_Friedrichs () NAI COM (Friedrichs, Oliver)
Date: Mon, 4 Jan 1999 17:38:46 -0800
This new bug, located in rpc.statd which is also started by default (imagine that!), allows for remote packets to be bounced to the local Operating System.
This isn't really new. This problem was found by Secure Networks, Inc. last spring and forwarded to vendors. A module to test for this vulnerability has been in Ballista (now CyberCop Scanner from Network Associates) since then as well. It was never publicly noted, since the problem hasn't been fixed yet (and as a security company, we aren't in the habit of disclosing bugs which aren't fixed), however many people knew of this vulnerability as a result of our research. - Oliver Network Associates, Inc.
Current thread:
- Re: SUN almost has a clue! (automountd) Friedrichs, Oliver (Jan 04)
- Re: SUN almost has a clue! (automountd) Andreas Bogk (Jan 05)
- Re: SUN almost has a clue! (automountd) David LeBlanc (Jan 06)
- <Possible follow-ups>
- Re: SUN almost has a clue! (automountd) Scott (Jan 04)
- Re: SUN almost has a clue! (automountd) Alan Cox (Jan 05)
- Re: SUN almost has a clue! (automountd) Michael Russell (Jan 05)
- Re: SUN almost has a clue! (automountd) der Mouse (Jan 05)
- Re: SUN almost has a clue! (automountd) Friedrichs, Oliver (Jan 05)
- Re: SUN almost has a clue! (automountd) Huger, Alfred (Jan 05)
- Re: SUN almost has a clue! (automountd) Andreas Bogk (Jan 05)