Security Incidents mailing list archives

A Note On the rpc.statd exploit.


From: Max0r <max0r () SERVER5 CREATIVE-WEBS COM>
Date: Fri, 18 Aug 2000 05:10:48 -0600

Yes, there is a vulnerability in the rpc.statd server.
Although, from looking at the only public exploit I could find
(packetstorm), it requires the attacker to manually specify the
return address to manipulate the padding/offset of the attack.

While people with minimal knowledge will be able to find out the address
for common OS/Architectures, 99% of script kiddies will just get confused
and give up. I am sure there are private exploits out there that have
predefined SP/Ret addrs, which will facilitate easy compromise of
vulnerable systems, but most of the attacks you'll see will be blind
attempts by cluebie kids.

But this is no excuse for you not to patch your systems.


-Max

