Bugtraq mailing list archives
Re: Solaris 10 Port Stealing Vulnerability
From: Casper.Dik () Oracle COM
Date: Thu, 31 Mar 2011 17:18:38 +0200
Imagine if you find a Solaris system running a web server that has a remote exploit which allows for the execution of arbitrary code. If the web server happens to be listening on the wildcard interface than you can very easily insert your own web server in front of it!
There SO_EXCLBIND setsockopt in Solaris which protects hijacking the port. Casper
Current thread:
- Solaris 10 Port Stealing Vulnerability Chris O'Regan (Mar 29)
- Message not available
- RE: Solaris 10 Port Stealing Vulnerability Chris O'Regan (Mar 31)
- Re: Solaris 10 Port Stealing Vulnerability Casper . Dik (Mar 31)
- RE: Solaris 10 Port Stealing Vulnerability Chris O'Regan (Mar 31)
- Message not available