From owner-freebsd-security Thu Jan 25 10:35:42 2001 Delivered-To: freebsd-security@freebsd.org Received: from joe.pythonvideo.com (joe.pythonvideo.com [209.226.29.94]) by hub.freebsd.org (Postfix) with ESMTP id EBB1837B6B6 for ; Thu, 25 Jan 2001 10:35:24 -0800 (PST) Received: from localhost (joe@localhost) by joe.pythonvideo.com (8.11.1/8.11.0) with ESMTP id f0PIYxo05786; Thu, 25 Jan 2001 13:34:59 -0500 (EST) (envelope-from joe@advancewebhosting.com) X-Authentication-Warning: joe.pythonvideo.com: joe owned process doing -bs Date: Thu, 25 Jan 2001 13:34:58 -0500 (EST) From: Joe Oliveiro X-Sender: joe@joe.pythonvideo.com To: "Steven G. Kargl" Cc: freebsd-security@FreeBSD.ORG Subject: Re: buffer overflows in rpc.statd? In-Reply-To: <200101251726.f0PHQei65827@troutmask.apl.washington.edu> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Its a RedHat thang, dont worry about fbsd's statd as it isnt prone to those problems. Microsoft: "Where would you like to go to today" Linux: "Where would you like to go tomorrow" FreeBSD: "Hey,when are you guys going to catch up" On Thu, 25 Jan 2001, Steven G. Kargl wrote: > Are there any known compromises of rpc.statd that involve > buffer overflows? I have several entries in /var/log/messages that > look suspicious, but I currently don't know what these entries > mean (see attachment). The suspicious entries appear to be > buffers that someone or something has tried to overflow. > > -- > Steve > http://troutmask.apl.washington.edu/~kargl/ > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message